www.tvnz.co.nz Open in urlscan Pro
103.231.157.164 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-per...
Submission: On May 28 via api (May 28th 2021, 5:05:55 am UTC) from DK

Summary HTTP 241 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 70 IPs in 11 countries across 51 domains to perform 241 HTTP transactions. The main IP is 103.231.157.164, located in New Zealand and belongs to TVNZ-AS-NZ Television New Zealand, NZ. The main domain is www.tvnz.co.nz.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on July 7th 2020. Valid for: a year.

This is the only time www.tvnz.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
32	103.231.157.164 103.231.157.164	37999 (TVNZ-AS-N...) (TVNZ-AS-NZ Television New Zealand)
7	143.204.98.6 143.204.98.6	16509 (AMAZON-02) (AMAZON-02)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
3	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 5	52.212.68.88 52.212.68.88	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:218... 2600:9000:2182:a200:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
34	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
2 6	13.226.159.43 13.226.159.43	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:215... 2600:9000:2156:1400:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	13.226.159.49 13.226.159.49	16509 (AMAZON-02) (AMAZON-02)
1	143.204.99.83 143.204.99.83	16509 (AMAZON-02) (AMAZON-02)
2	199.232.137.181 199.232.137.181	54113 (FASTLY) (FASTLY)
3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2 4	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	54.187.253.2 54.187.253.2	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	151.101.114.110 151.101.114.110	54113 (FASTLY) (FASTLY)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	162.247.242.21 162.247.242.21	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
2 18	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
2 6	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
3	52.28.254.214 52.28.254.214	16509 (AMAZON-02) (AMAZON-02)
4 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
3 6	52.59.128.17 52.59.128.17	16509 (AMAZON-02) (AMAZON-02)
3 3	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
6	104.111.230.142 104.111.230.142	16625 (AKAMAI-AS) (AKAMAI-AS)
2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2 6	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
5 6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 2	54.239.17.112 54.239.17.112	16509 (AMAZON-02) (AMAZON-02)
1	52.212.101.97 52.212.101.97	16509 (AMAZON-02) (AMAZON-02)
1 1	54.174.195.234 54.174.195.234	14618 (AMAZON-AES) (AMAZON-AES)
1 2	54.171.173.220 54.171.173.220	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9 19	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	18.185.197.81 18.185.197.81	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	188.42.196.115 188.42.196.115	7979 (SERVERS-COM) (SERVERS-COM)
1	3.215.93.225 3.215.93.225	14618 (AMAZON-AES) (AMAZON-AES)
1 2	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	185.86.137.132 185.86.137.132	201081 (SMARTADSE...) (SMARTADSERVER)
1	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
1 1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3 4	51.89.21.21 51.89.21.21	16276 (OVH) (OVH)
2 2	18.197.249.149 18.197.249.149	16509 (AMAZON-02) (AMAZON-02)
4 4	51.83.106.180 51.83.106.180	16276 (OVH) (OVH)
1 1	172.104.121.22 172.104.121.22	63949 (LINODE-AP...) (LINODE-AP Linode)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
2 2	18.159.17.140 18.159.17.140	16509 (AMAZON-02) (AMAZON-02)
2	141.226.124.206 141.226.124.206	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.197 141.226.124.197	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.240 141.226.124.240	200478 (TABOOLA-AS) (TABOOLA-AS)
2	141.226.124.221 141.226.124.221	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.239 141.226.124.239	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.124.229 141.226.124.229	200478 (TABOOLA-AS) (TABOOLA-AS)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
241	70

32 103.231.157.164 (New Zealand)

ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ)
PTR: cmsprod2.tvnz.co.nz

www.tvnz.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.98.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-6.fra50.r.cloudfront.net

news-image-prod-imgix.tech.tvnz.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.212.68.88 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-68-88.eu-west-1.compute.amazonaws.com

secure-nz.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2182:a200:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.226.159.43 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-43.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-49.dus51.r.cloudfront.net

bee.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.99.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-99-83.fra50.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.232.137.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.53 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.187.253.2 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-187-253-2.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.21 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 141.226.228.48 (Netherlands) 2 redirects

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.28.254.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-254-214.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (United States) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.59.128.17 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-128-17.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.19.35.65 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.230.142 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-230-142.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.17.112 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.101.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-101-97.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.174.195.234 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

beacon.lynx.cognitivlabs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.171.173.220 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-173-220.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 35.244.159.8 (Kansas City, United States) 9 redirects

ASN15169 (GOOGLE, US)

taboola-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.197.81 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.196.115 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.215.93.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-93-225.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 1 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.132 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.21.21 (London, United Kingdom) 3 redirects

ASN16276 (OVH, FR)
PTR: p13.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.249.149 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.83.106.180 (Peyrestortes, France) 4 redirects

ASN16276 (OVH, FR)

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.121.22 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)

s.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.159.17.140 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

a.sportradarserving.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.124.206 (Israel)

ASN200478 (TABOOLA-AS, IL)

t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t8.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.197 (Israel)

ASN200478 (TABOOLA-AS, IL)

t2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.240 (Israel)

ASN200478 (TABOOLA-AS, IL)

t3.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.124.221 (Israel)

ASN200478 (TABOOLA-AS, IL)

t4.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t7.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.239 (Israel)

ASN200478 (TABOOLA-AS, IL)

t5.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.229 (Israel)

ASN200478 (TABOOLA-AS, IL)

t6.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
64	taboola.com 2 redirects cdn.taboola.com trc.taboola.com 15.taboola.com trc-events.taboola.com images.taboola.com vidstat.taboola.com imprammp.taboola.com am-match.taboola.com wf.taboola.com am-vid-events.taboola.com sync-t1.taboola.com sync.taboola.com match.taboola.com t1.taboola.com t2.taboola.com t3.taboola.com t4.taboola.com t5.taboola.com t6.taboola.com t7.taboola.com t8.taboola.com pips.taboola.com cds.taboola.com am-wf.taboola.com	584 KB
39	tvnz.co.nz www.tvnz.co.nz news-image-prod-imgix.tech.tvnz.co.nz	615 KB
19	openx.net 9 redirects taboola-d.openx.net u.openx.net	4 KB
18	googlesyndication.com 7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	76 KB
15	doubleclick.net 5 redirects stats.g.doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net Failed	139 KB
14	rubiconproject.com 3 redirects fastlane.rubiconproject.com secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	34 KB
11	imrworldwide.com 2 redirects secure-nz.imrworldwide.com cdn-gl.imrworldwide.com secure-gl.imrworldwide.com bee.imrworldwide.com	71 KB
6	casalemedia.com 2 redirects ssum.casalemedia.com dsum-sec.casalemedia.com ssum-sec.casalemedia.com	7 KB
6	bidswitch.net 3 redirects x.bidswitch.net	2 KB
6	adsrvr.org 2 redirects match.adsrvr.org	2 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com	4 KB
5	google.com www.google.com adservice.google.com	1 KB
5	google-analytics.com www.google-analytics.com	55 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com	2 KB
4	id5-sync.com 3 redirects id5-sync.com	6 KB
4	spotxchange.com 4 redirects sync.search.spotxchange.com	3 KB
4	adnxs.com 2 redirects ib.adnxs.com	4 KB
4	google.de www.google.de adservice.google.de	1 KB
4	crazyegg.com script.crazyegg.com	24 KB
4	googleapis.com maps.googleapis.com	158 KB
3	advertising.com pixel.advertising.com	373 B
3	googletagservices.com www.googletagservices.com	86 KB
3	twitter.com platform.twitter.com syndication.twitter.com	132 KB
2	sportradarserving.com 2 redirects a.sportradarserving.com	1 KB
2	360yield.com 2 redirects ice.360yield.com	1015 B
2	lijit.com 1 redirects ce.lijit.com	1018 B
2	contextweb.com 1 redirects bh.contextweb.com	828 B
2	betweendigital.com 2 redirects ads.betweendigital.com	955 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net	997 B
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com	961 B
2	perfectmarket.com widget.perfectmarket.com	32 KB
1	bttrack.com bttrack.com	380 B
1	appier.net 1 redirects s.c.appier.net	362 B
1	criteo.com 1 redirects dis.criteo.com	503 B
1	emxdgt.com e1.emxdgt.com	59 B
1	smartadserver.com rtb-csync.smartadserver.com	697 B
1	pubmatic.com simage2.pubmatic.com	546 B
1	postrelease.com jadserve.postrelease.com	427 B
1	ad4m.at ad4m.at
1	cognitivlabs.com 1 redirects beacon.lynx.cognitivlabs.com	380 B
1	demdex.net dpm.demdex.net
1	2mdn.net s0.2mdn.net	137 KB
1	nr-data.net bam.nr-data.net	275 B
1	newrelic.com js-agent.newrelic.com	9 KB
1	segment.io api.segment.io	142 B
1	segment.com cdn.segment.com	59 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	jsdelivr.net cdn.jsdelivr.net	1 KB
1	cloudflare.com cdnjs.cloudflare.com	29 KB
1	jquery.com code.jquery.com	29 KB
241	51

	Domain	Requested by
32	www.tvnz.co.nz	www.tvnz.co.nz
18	taboola-d.openx.net	9 redirects
11	cdn.taboola.com	www.tvnz.co.nz cdn.taboola.com
9	pagead2.googlesyndication.com	www.tvnz.co.nz tpc.googlesyndication.com 7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
8	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
8	images.taboola.com	www.tvnz.co.nz
7	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com googleads.g.doubleclick.net
7	news-image-prod-imgix.tech.tvnz.co.nz	www.tvnz.co.nz
6	sync.taboola.com	2 redirects ssum.casalemedia.com
6	cm.g.doubleclick.net
6	eus.rubiconproject.com	am-match.taboola.com eus.rubiconproject.com imprammp.taboola.com
6	x.bidswitch.net	3 redirects am-match.taboola.com imprammp.taboola.com
6	match.adsrvr.org	2 redirects am-match.taboola.com imprammp.taboola.com ssum.casalemedia.com
6	sb.scorecardresearch.com	2 redirects cdn.taboola.com www.tvnz.co.nz
5	www.google-analytics.com	www.googletagmanager.com www.tvnz.co.nz www.google-analytics.com
5	secure-nz.imrworldwide.com	2 redirects www.tvnz.co.nz
4	cookie-matching.mediarithmics.com	4 redirects
4	id5-sync.com	3 redirects
4	sync-t1.taboola.com	am-match.taboola.com imprammp.taboola.com
4	sync.search.spotxchange.com	4 redirects
4	trc.taboola.com	www.tvnz.co.nz
4	ib.adnxs.com	2 redirects www.tvnz.co.nz
4	cdn-gl.imrworldwide.com	www.tvnz.co.nz secure-nz.imrworldwide.com cdn-gl.imrworldwide.com
4	script.crazyegg.com	www.tvnz.co.nz script.crazyegg.com
4	maps.googleapis.com	www.tvnz.co.nz maps.googleapis.com
3	dsum-sec.casalemedia.com	1 redirects ssum.casalemedia.com
3	token.rubiconproject.com	eus.rubiconproject.com
3	secure-assets.rubiconproject.com	3 redirects
3	pixel.advertising.com	am-match.taboola.com imprammp.taboola.com
3	am-vid-events.taboola.com	www.tvnz.co.nz
3	securepubads.g.doubleclick.net	www.googletagservices.com www.tvnz.co.nz
3	www.googletagservices.com	www.tvnz.co.nz securepubads.g.doubleclick.net 7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com
3	www.google.com	www.tvnz.co.nz tpc.googlesyndication.com
2	a.sportradarserving.com	2 redirects
2	ice.360yield.com	2 redirects
2	ce.lijit.com	1 redirects
2	bh.contextweb.com	1 redirects
2	ads.betweendigital.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	bcp.crwdcntrl.net	1 redirects ssum.casalemedia.com
2	s.amazon-adsystem.com	1 redirects ssum.casalemedia.com
2	ssum.casalemedia.com	1 redirects am-match.taboola.com
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	wf.taboola.com	www.tvnz.co.nz
2	am-match.taboola.com	vidstat.taboola.com
2	googleads.g.doubleclick.net	7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com www.tvnz.co.nz
2	trc-events.taboola.com
2	7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	www.google.de	www.tvnz.co.nz
2	stats.g.doubleclick.net	www.tvnz.co.nz
2	platform.twitter.com	www.tvnz.co.nz platform.twitter.com
1	am-wf.taboola.com	www.tvnz.co.nz
1	cds.taboola.com	www.tvnz.co.nz
1	pips.taboola.com	www.tvnz.co.nz
1	t8.taboola.com	www.tvnz.co.nz
1	t7.taboola.com	www.tvnz.co.nz
1	t6.taboola.com	www.tvnz.co.nz
1	t5.taboola.com	www.tvnz.co.nz
1	t4.taboola.com	www.tvnz.co.nz
1	t3.taboola.com	www.tvnz.co.nz
1	t2.taboola.com	www.tvnz.co.nz
1	t1.taboola.com	www.tvnz.co.nz
1	bttrack.com
1	s.c.appier.net	1 redirects
1	dis.criteo.com	1 redirects
1	e1.emxdgt.com
1	rtb-csync.smartadserver.com
1	simage2.pubmatic.com
1	jadserve.postrelease.com
1	pixel.rubiconproject.com
1	u.openx.net
1	match.taboola.com
1	ad4m.at	ssum.casalemedia.com
1	beacon.lynx.cognitivlabs.com	1 redirects
1	dpm.demdex.net	ssum.casalemedia.com
1	ssum-sec.casalemedia.com	ssum.casalemedia.com
1	s0.2mdn.net	7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com
1	imprammp.taboola.com	vidstat.taboola.com
1	15.taboola.com	www.tvnz.co.nz
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.tvnz.co.nz
1	api.segment.io	www.tvnz.co.nz
1	fastlane.rubiconproject.com	www.tvnz.co.nz
1	syndication.twitter.com	platform.twitter.com
1	cdn.segment.com	www.tvnz.co.nz
1	bee.imrworldwide.com	www.tvnz.co.nz
1	secure-gl.imrworldwide.com	www.tvnz.co.nz
1	www.googletagmanager.com	www.tvnz.co.nz
1	cdn.jsdelivr.net	www.tvnz.co.nz
1	cdnjs.cloudflare.com	www.tvnz.co.nz
1	code.jquery.com	www.tvnz.co.nz
241	94

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.reddit.com
www.consumerprotection.govt.nz
www.netsafe.org.nz
om.forgeofempires.com
vbhlb.rdtk.io
www.travelblackboards.com
a-great-intl-work-from-home-in-usa.fyi
popup.taboola.com
tvnz.co.nz
careers.tvnz.co.nz
www.renews.co.nz
sales.tvnz.co.nz
blacksand.co.nz
tvnzgreenroom.co.nz

Subject Issuer	Validity	Valid
*.tvnz.co.nz DigiCert SHA2 High Assurance Server CA	`2020-07-07` - `2021-10-28`	a year	crt.sh
*.tech.tvnz.co.nz Amazon	`2021-03-05` - `2022-04-02`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-05` - `2021-11-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-18` - `2022-03-26`	10 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.segment.com DigiCert SHA2 Secure Server CA	`2020-06-12` - `2021-07-27`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-05-21` - `2022-04-10`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2021-03-01` - `2021-08-24`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2019-06-13` - `2021-06-28`	2 years	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.contextweb.com DigiCert SHA2 Secure Server CA	`2020-05-07` - `2022-05-12`	2 years	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.emxdgt.com Go Daddy Secure Certificate Authority - G2	`2020-05-18` - `2021-07-17`	a year	crt.sh
*.id5-sync.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Frame ID: 6613470A7BADC93775AFCE1E11713F24
Requests: 167 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.tvnz.co.nz
Frame ID: A5CF079C586C2FB0A9E43318D28631D0
Requests: 2 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 885CC38E7825FD3AAF63F37A47D36933
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: C122BC3BE9E6AA3A1B88598E19057BD3
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F99BD02E96BD04A8B5DDCCF1AC29D9F0
Requests: 1 HTTP requests in this frame

Frame: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DC57AA3D979D0A473069BF30C6B495D0
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQq-3iAhjCycyVATAB&v=APEucNXcWBq1GH0ptBgfNfvytTqXt_KRSqLMgIsBBD5NGYGroa3bmbiieS8MkE7Mpi0QA38Motp93YfPXOhGcOAkt0AzmkUkAA
Frame ID: E72211FC7B332D73EB982AEBB6980106
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66289005&crid=5242975&dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&cmcv=&pix=undefined&cb=1622178339008&uv=2976&tms=1622178339008&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1AEDBEE5EB517885031583712313&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: E76847B231D5AFA38B3265E1F2D46D7A
Requests: 5 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 103F9BE58DFAE3C457923484D25E32EC
Requests: 5 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 3D2BBBF062A246D1771D30B07DD8977F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D2A503B5C8A97FEBAC3C505FD63E44E7
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 3095E79A921F808004ED6C83B3F38526
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: 4BEA310621FB4812F68E49EA7A0A9BD4
Requests: 3 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Frame ID: F0DC95DE92F94285E831C1D2AA6DDFFB
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Frame ID: CAF49A134AC667BE313FFA5B66C83791
Requests: 3 HTTP requests in this frame

Frame: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=33d150ac-28b8-4296-b5f8-38734fe47aa0&tbid=7e4ae54e-7461-4fff-b735-f5743c42e994-tuct7a9ffa3&query=taboola_hm%3D33d150ac-28b8-4296-b5f8-38734fe47aa0&isDirect=0
Frame ID: A5A7AA6E50B40D277170C6770B8C9FCB
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Varnish (Cache Tools) Expand

Overall confidence: 100%
Detected patterns

headers via /varnish(?: $Varnish\/([\d.]+)$)?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Page Statistics

241
Requests

95 %
HTTPS

30 %
IPv6

51
Domains

94
Subdomains

70
IPs

11
Countries

2329 kB
Transfer

7723 kB
Size

10
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/dialog/feed?app_id=1458530537567960&redirect_uri=https%3a%2f%2fwww.tvnz.co.nz%2fone-news%2fnew-zealand%2fsome-people-travelling-australia-nz-required-undergo-pre-departure-covid-19-tests&link=https%3a%2f%2fwww.tvnz.co.nz%2fone-news%2fnew-zealand%2fsome-people-travelling-australia-nz-required-undergo-pre-departure-covid-19-tests&caption=TVNZ+1+NEWS+%7c+BREAKING+NEWS&name=Some+people+travelling+from+Australia+to+NZ+required+to+undergo+pre-departure+Covid-19+tests&picture=https%3a%2f%2fwww.tvnz.co.nz%2fcontent%2fdam%2fimages%2fnews%2f2020%2f07%2f27%2fcovidtest1.jpg.desktop.story.wide.jpg&description=It+comes+after+New+Zealand+extended+the+pause+on+the+Victoria+bubble+yesterday.+
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3a%2f%2fwww.tvnz.co.nz%2fone-news%2fnew-zealand%2fsome-people-travelling-australia-nz-required-undergo-pre-departure-covid-19-tests&text=Some+people+travelling+from+Australia+to+NZ+required+to+undergo+pre-departure+Covid-19+tests&ref=breakingbanner&via=1NewsNZ

Search URL Search Domain Scan URL

URL: https://www.reddit.com/submit?url=https%3a%2f%2fwww.tvnz.co.nz%2fone-news%2fnew-zealand%2fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&title=Automated+phone+scam+claims+to+be+DHL+with+goods+for+you+but+all+they+really+want+is+your+personal+information
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/feed?app_id=1458530537567960&redirect_uri=https%3a%2f%2fwww.tvnz.co.nz%2fone-news%2fnew-zealand%2fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&link=https%3a%2f%2fwww.tvnz.co.nz%2fone-news%2fnew-zealand%2fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&caption=&name=Automated+phone+scam+claims+to+be+DHL+with+goods+for+you+but+all+they+really+want+is+your+personal+information&ref=storyfacebook&picture=https%3a%2f%2fwww.tvnz.co.nz%2fcontent%2fdam%2fimages%2fnews%2f2015%2f06%2f08%2fphone-phonecall-dial-landline-generic-2-3-4.jpg.desktop.story.share.jpg&description=Police+have+issued+a+warning+after+a+number+of+reports+of+the+scam.
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3a%2f%2fwww.tvnz.co.nz%2fone-news%2fnew-zealand%2fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&text=Automated+phone+scam+claims+to+be+DHL+with+goods+for+you+but+all+they+really+want+is+your+personal+information&ref=storytwitter&via=1NewsNZ
Title:

Search URL Search Domain Scan URL

URL: https://www.consumerprotection.govt.nz/general-help/scamwatch
Title: Consumer Protection's Scamwatch website

Search URL Search Domain Scan URL

URL: https://www.netsafe.org.nz/
Title: Netsafe

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/?ref=tab_row_en_mktdet3&&external_param=2966600857&pid=tvnz-onn&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F3b3b873129b66be51373e5b6d7769664.jpeg&tblci=GiDb0scjzv9smtwgZimarnjjH9te3T7YieDeoXKhZ_YRNSDJqD8o546pyqLbg_PVAQ#tblciGiDb0scjzv9smtwgZimarnjjH9te3T7YieDeoXKhZ_YRNSDJqD8o546pyqLbg_PVAQ
Title: Forge of Empires - Free Online Game

Search URL Search Domain Scan URL

URL: https://vbhlb.rdtk.io/60aba8466e422d000187512c?ref_id=GiDb0scjzv9smtwgZimarnjjH9te3T7YieDeoXKhZ_YRNSD4_1Mo5rKXwLGE3t9b&sub1=tvnz-onn&sub2=https%3A%2F%2Fs3.eu-central-1.amazonaws.com%2Fad-uploads-long%2F1%2Fb0e01795-541d-4700-afa8-22a2e1709e25.jpg&sub3=One+Japanese+Tool+That+Is+Taking+Over+Kitchens+In+Belgium&sub4=2021-05-28+05%3A05%3A38&sub5=Desktop&sub6=10566977&sub7=3000839021&sub8=1173565&utm_campaign=10566977&utm_source=taboola&utm_medium=referral#tblciGiDb0scjzv9smtwgZimarnjjH9te3T7YieDeoXKhZ_YRNSD4_1Mo5rKXwLGE3t9b
Title: Huusk Kitchen

Search URL Search Domain Scan URL

URL: https://www.travelblackboards.com/2020/05/06/hollwood-queens-here-are-some-of-your-classic-tv-film-favorites-and-what-they-are-up-to-now-2/?utm_source=1173565&utm_medium=tvnz-onn&utm_campaign=9851248&utm_term=2990099477&utm_content=maggie#tblciGiDb0scjzv9smtwgZimarnjjH9te3T7YieDeoXKhZ_YRNSCOmkwoh9OVyu3RvIFH
Title: Travel Blackboard

Search URL Search Domain Scan URL

URL: http://a-great-intl-work-from-home-in-usa.fyi/?ref=tvnz-onn.1173565&sub_id=WorkfromHome2aSB-T2-DTM.6269941&sub_id2=tvnz-onn.1173565&tbid=1297808&tbland=view&tbserp=search&rskey=Do+You+Speak+English%3F+Work+a+USA+job+from+home+in+Belgium&compkey=Work+from+Home+from+{{country_name}}#tblciGiDb0scjzv9smtwgZimarnjjH9te3T7YieDeoXKhZ_YRNSCQm08ohduXlIjd9db_AQ
Title: Work from Home | Search Ad

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=tvnz-onn&utm_medium=referral&utm_content=thumbnails-a:Below-Article-Thumbnails-original:
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/1NEWSNZ
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/1newsnz
Title:

Search URL Search Domain Scan URL

URL: http://tvnz.co.nz/tvnz-corporate-comms/tvnz-4880728
Title: About TVNZ

Search URL Search Domain Scan URL

URL: https://careers.tvnz.co.nz/home
Title: Careers

Search URL Search Domain Scan URL

URL: http://tvnz.co.nz/community/our-house-rules-415803
Title: House Rules

Search URL Search Domain Scan URL

URL: https://www.renews.co.nz/
Title: Re:

Search URL Search Domain Scan URL

URL: https://sales.tvnz.co.nz/
Title: Sales & Advertising

Search URL Search Domain Scan URL

URL: http://blacksand.co.nz/
Title: Blacksand

Search URL Search Domain Scan URL

URL: http://tvnzgreenroom.co.nz/
Title: The Green Room

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://secure-nz.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 41

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1622178335601&ns_c=UTF-8&cv=3.5&c8=Automated%20phone%20scam%20claims%20to%20be%20DHL%20with%20goods%20for%20you%20but%20all%20they%20really%20want%20is%20your%20personal%20information%20%7C%201%20NEWS%20%7C%20TVNZ&c7=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622178335601&ns_c=UTF-8&cv=3.5&c8=Automated%20phone%20scam%20claims%20to%20be%20DHL%20with%20goods%20for%20you%20but%20all%20they%20really%20want%20is%20your%20personal%20information%20%7C%201%20NEWS%20%7C%20TVNZ&c7=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&c9=

Request Chain 52

https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1622178337249&ci=nz-nzoom&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&sr=1600x1200&tz=2 HTTP 302
https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1622178337249&ci=nz-nzoom&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&sr=1600x1200&tz=2&ja=1

Request Chain 91

https://sb.scorecardresearch.com/c2/9728626/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 136

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=582bf693-bf72-11eb-8164-1348667f0506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=582bfab4-bf72-11eb-a194-14e583300206&orig=video&us_privacy=1---

Request Chain 140

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---&__user_check__=1&sync_id=582bfafd-bf72-11eb-a194-14e583300206 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=582bfab4-bf72-11eb-a194-14e583300206&orig=video&us_privacy=1---

Request Chain 142

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 166

https://taboola-d.openx.net/v/1.0/av?auid=540790701&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTI0ZTViMWItZDU2MC02OGRlLTVlNTItNDI0MDQ2ODQ4MjIz

Request Chain 167

https://taboola-d.openx.net/v/1.0/av?auid=541033703&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Request Chain 168

https://taboola-d.openx.net/v/1.0/av?auid=542513073&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Request Chain 172

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 173

https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1--- HTTP 302
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1

Request Chain 177

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLB6JGdlRb2zn-ngUEz1ewAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOz_tWbyiZ71ueeLF50a76E&google_cver=1&gdpr=1

Request Chain 178

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLB6JGdlRb2zn_ngUEz1ewAABFoAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLB6JGdlRb2zn_ngUEz1ewAABFoAAAIB&dcc=t

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLB6JGdlRb2zn_ngUEz1ewAABFoAAAIB&gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI1_9nEx6f9N6HYQXzVa77o&google_cver=1

Request Chain 182

https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=50705a1c-e1a0-4a91-ac8d-69bedc0b76a0&expiration=1653714340

Request Chain 183

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YLB6JGdlRb2zn-ngUEz1ewAA%261114?gdpr_consent=&us_privacy=&gdpr=1 HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YLB6JGdlRb2zn-ngUEz1ewAA%261114?gdpr_consent=&us_privacy=&gdpr=1

Request Chain 186

https://taboola-d.openx.net/v/1.0/av?auid=540790701&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---

Request Chain 187

https://taboola-d.openx.net/v/1.0/av?auid=542513073&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---

Request Chain 188

https://taboola-d.openx.net/v/1.0/av?auid=541033703&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---

Request Chain 189

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint= HTTP 301
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

Request Chain 192

https://rtb.mfadsrvr.com/sync?ssp=taboola HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola HTTP 302
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=33d150ac-28b8-4296-b5f8-38734fe47aa0 HTTP 302
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=33d150ac-28b8-4296-b5f8-38734fe47aa0&tbid=7e4ae54e-7461-4fff-b735-f5743c42e994-tuct7a9ffa3&query=taboola_hm%3D33d150ac-28b8-4296-b5f8-38734fe47aa0&isDirect=0

Request Chain 195

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1 HTTP 302
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=e594921b-4afb-5294-aa02-dcf1cab2a6d5

Request Chain 197

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc HTTP 302
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0dUUFRfKJpt6&ev=1&orig=trc&pid=562107

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc HTTP 302
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESECldPSXfFuvu89GAGsbYYgU&google_cver=1

Request Chain 201

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7e4ae54e-7461-4fff-b735-f5743c42e994-tuct7a9ffa3

Request Chain 202

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1 HTTP 302
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=166059d1-49a2-470e-bce2-b1e8b1a1882c

Request Chain 203

https://ce.lijit.com/merge?pid=42&3pid=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&us_privacy=&gdpr=0&gdpr_consent= HTTP 302
https://ce.lijit.com/merge?pid=42&3pid=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

Request Chain 207

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40 HTTP 302
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3c473ca6-a2c9-49cf-a784-7ad1ba3cef82

Request Chain 208

https://id5-sync.com/s/464/9.gif?puid=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/464/464/7/1.gif?puid=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOabEG5KgWi_ZUjZgGb-HJJtWLxRW2TtP64UP7NA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOabEG5KgWi_ZUjZgGb-HJJtWLxRW2TtP64UP7NA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D%7BPUB_USER_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_consent= HTTP 302
https://id5-sync.com/cq/464/124/6/2.gif?puid=f3784fcb-1f74-4941-bd97-86f8f4ee48fb&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent= HTTP 302
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_tc= HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=1033&ops=apx&google_gid=CAESELGPLKdLRcz9HLiU47ytxh4&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESELGPLKdLRcz9HLiU47ytxh4&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESELGPLKdLRcz9HLiU47ytxh4%26sd%3DY2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY%26action%3DGET_ID%26etid%3D%26domid%3D1033 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7616681636554558723&opid=apx&ops=&utidl=tech:goo:CAESELGPLKdLRcz9HLiU47ytxh4&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&etid=&domid=1033 HTTP 303
https://id5-sync.com/qp/18.gif?puid=vec%3A17734611330&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

Request Chain 209

https://s.c.appier.net/taboola HTTP 302
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Xt7ZVkr9A8uh_qNFJXqwYA

Request Chain 211

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent= HTTP 302
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola HTTP 302
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f4e7707e-ef92-4e34-9b04-566db8ab22d2&ssp=taboola HTTP 302
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6f1bd355-c4ca-45d7-a8d1-387bae3a0a73

Request Chain 229

https://taboola-d.openx.net/v/1.0/av?auid=540790701&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Request Chain 230

https://taboola-d.openx.net/v/1.0/av?auid=541033703&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Request Chain 231

https://taboola-d.openx.net/v/1.0/av?auid=542513073&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Request Chain 232

https://taboola-d.openx.net/v/1.0/av?auid=540790701&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---

Request Chain 233

https://taboola-d.openx.net/v/1.0/av?auid=541033703&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---

Request Chain 234

https://taboola-d.openx.net/v/1.0/av?auid=542513073&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---

Request Chain 237

https://taboola-d.openx.net/v/1.0/av?auid=540790701&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGI0ZjMwZjQtNTQ4NC02YzQ5LTQ3MzctMTZjNmQwYmNlODhk

Request Chain 238

https://taboola-d.openx.net/v/1.0/av?auid=541033703&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDU0Mjg4MmItNWI1Yy02NzA5LTZjOGYtMzg1MTYyMjI2Mjhk

Request Chain 239

https://taboola-d.openx.net/v/1.0/av?auid=542513073&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Request Chain 240

https://taboola-d.openx.net/v/1.0/av?auid=541033703&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---

Request Chain 241

https://taboola-d.openx.net/v/1.0/av?auid=540790701&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---

Request Chain 242

https://taboola-d.openx.net/v/1.0/av?auid=542513073&gdpr=1&us_privacy=1--- HTTP 302
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---

241 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information Show response
www.tvnz.co.nz/one-news/new-zealand/ 148 KB
31 KB 1558ms
325ms Document
text/html 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

644ec2ca87b013f9b7369ff6f3bd345d3aed281c079d62fa2d3dc283105b5726

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Host: www.tvnz.co.nz
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 27 May 2021 15:35:45 GMT
Server: Apache
X-Content-Type-Options: nosniff nosniff
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt
Vary: X-Device-Class
Cache-Control: no-cache, no-store, must-revalidate
X-HashTwo: X-Story-Id=/content/tvnz/onenews/story/2018/05/10/scam X-Asset-Id=/content/dam/images/news/2015/06/08/phone-phonecall-dial-landline-generic-2-3-4.jpg
s-maxage: 604800
Content-Type: text/html; charset=UTF-8
X-Device-Class: desktop
Content-Encoding: gzip
X-Varnish: 588327198 566656827
Age: 48588
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors none
Via: Varnish C2
X-VHIT: HIT
Transfer-Encoding: chunked
Connection: keep-alive

GET
H/1.1 200
OK clientlibs_bootstrap4.min.ebbad4186e106fc5c3938af5fb09afdb.css
www.tvnz.co.nz/etc/designs/news/ 144 KB
21 KB 904ms
314ms Stylesheet
text/css 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_bootstrap4.min.ebbad4186e106fc5c3938af5fb09afdb.css

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

07bc93663fe992c36e5bfa1b5855290f85da961b98961a58d870d0b8c759dfc5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112201
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 20607
Access-Control-Allow-Origin: *
Last-Modified: Wed, 11 Dec 2019 21:28:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 589576607 494927163
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK clientlibs_now_ui.min.ef61df62e005a2cac25c9fe58eab8120.css
www.tvnz.co.nz/etc/designs/news/ 232 KB
32 KB 1219ms
602ms Stylesheet
text/css 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_now_ui.min.ef61df62e005a2cac25c9fe58eab8120.css

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

cb9ada87bbf9fdb5f29272260ee39e26ef9845752a4393b4931d1517e7baac9a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112193
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 32203
Access-Control-Allow-Origin: *
Last-Modified: Sun, 29 Jul 2018 21:45:20 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 588856850 563675003
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK clientlibs_tvnz_icon.min.0edc0e96f9dad4a987347a62e9868141.css
www.tvnz.co.nz/etc/designs/news/ 2 KB
1 KB 927ms
309ms Stylesheet
text/css 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_tvnz_icon.min.0edc0e96f9dad4a987347a62e9868141.css

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

2b2ae4ef2de940fe521de3210e9b64120eedda806b404dd8265dad7435f3aab8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112192
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 655
Access-Control-Allow-Origin: *
Last-Modified: Mon, 26 Nov 2018 18:36:20 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 586700387 565818155
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css
www.tvnz.co.nz/etc/designs/news/ 270 KB
30 KB 1238ms
612ms Stylesheet
text/css 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

e0b3ed829fbab8e90f60abbab0fe77f7a1b6da2f1badd19b33c99c22c7f074a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112206
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 30221
Access-Control-Allow-Origin: *
Last-Modified: Wed, 07 Oct 2020 00:26:47 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 586700390 564352536
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK header.min.9137c004d4969768cde3a78bd59353d3.css
www.tvnz.co.nz/etc/designs/news/ 7 KB
2 KB 678ms
322ms Stylesheet
text/css 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/header.min.9137c004d4969768cde3a78bd59353d3.css

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

0d66d4f71e1591fda296a304e3f30b96c38643877cbafe56ade654b01d7e3879

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112192
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 1550
Access-Control-Allow-Origin: *
Last-Modified: Wed, 22 Apr 2020 08:16:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 586700394 516324591
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK 1News_logo_black_horizontal.svg
www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/images/structure/ 6 KB
3 KB 606ms
322ms Image
image/svg+xml 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/images/structure/1News_logo_black_horizontal.svg

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

26e3f3f75c2b5ada68d0b005a9b28ea8bbba6ed89e78e94ec1e605e8691547ce

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112201
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 2335
Access-Control-Allow-Origin: *
Last-Modified: Wed, 11 Dec 2019 21:28:39 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 587431145 566265749
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Device-Class: desktop
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK socialSharing.min.d1e7b897e4fbc26acb9a75a1b0aca81e.css
www.tvnz.co.nz/etc/designs/news/ 6 KB
2 KB 309ms
308ms Stylesheet
text/css 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/socialSharing.min.d1e7b897e4fbc26acb9a75a1b0aca81e.css

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

20b9cbec874f68a539e74e82bd30db235ed0f93f36389d26fc4116a0332f1584

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:32 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112203
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 1609
Access-Control-Allow-Origin: *
Last-Modified: Wed, 11 Dec 2019 21:28:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 588210475 562507603
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK newsletterSignup.min.38b55680ad2a9d33b67fd2c8ff6e4091.css
www.tvnz.co.nz/etc/designs/news/ 3 KB
2 KB 309ms
309ms Stylesheet
text/css 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/newsletterSignup.min.38b55680ad2a9d33b67fd2c8ff6e4091.css

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

e260085bb2f6e35ccd8701c007bc9bc0ef2807f932cf3687bbdbd905e9651a72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:51 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112184
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 1056
Access-Control-Allow-Origin: *
Last-Modified: Wed, 04 Mar 2020 21:47:41 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 588210493 565818781
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H2 200 mb-trans.png.originalImage.hashed.b0833b50.png
news-image-prod-imgix.tech.tvnz.co.nz/etc/designs/news/assets/images/ 28 KB
29 KB 89ms
28ms Image
image/png 143.204.98.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news-image-prod-imgix.tech.tvnz.co.nz/etc/designs/news/assets/images/mb-trans.png.originalImage.hashed.b0833b50.png

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-6.fra50.r.cloudfront.net

Software

imgix /

Resource Hash

432549f2238667aa778f89028a38728df57594985efacf8cc1375929e869b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 00:40:41 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4988165
x-cache: Hit from cloudfront
x-imgix-id: 85f122c68bc8af17d8befe84c35a736901f355c2
content-length: 28947
x-served-by: cache-sjc10023-SJC, cache-hhn4024-HHN
last-modified: Sat, 13 Mar 2021 22:35:47 GMT
server: imgix
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: JoR6NGgT3AetwnSndSL8zUEjqaIekUOlOzFgOqIsqOrxjAAZEQwU5Q==

GET
H/1.1 200
OK mostPopularStories.min.fbe105777cdd1476cd3cbf33830ba091.css
www.tvnz.co.nz/etc/designs/news/ 5 KB
2 KB 313ms
313ms Stylesheet
text/css 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/mostPopularStories.min.fbe105777cdd1476cd3cbf33830ba091.css

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

8959dabf16f1cbe173522716882cbb37d9d30b506cb9cbb5e2aec15bd64c0d7b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112201
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 1031
Access-Control-Allow-Origin: *
Last-Modified: Wed, 04 Mar 2020 21:47:41 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 587431129 565194353
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK topStories.min.fd0c8c1d38f0eef6e2196c809ac79c22.css
www.tvnz.co.nz/etc/designs/news/ 5 KB
2 KB 328ms
324ms Stylesheet
text/css 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/topStories.min.fd0c8c1d38f0eef6e2196c809ac79c22.css

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

78b254c5cc1faadff7cb18699e0156ebc11cd66d174aa6e474a33e458fb16252

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112201
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 1018
Access-Control-Allow-Origin: *
Last-Modified: Wed, 04 Mar 2020 21:47:41 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 587431132 565194355
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK todaysFeaturedStories.min.a2b98c75182a4a85304b5cfad3beabe8.css
www.tvnz.co.nz/etc/designs/news/ 6 KB
2 KB 316ms
312ms Stylesheet
text/css 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/todaysFeaturedStories.min.a2b98c75182a4a85304b5cfad3beabe8.css

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

95bcc84037498c7d4ac857c53ac95303c8960fc287f9f5b7016b2a9ea6e32120

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112202
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 1038
Access-Control-Allow-Origin: *
Last-Modified: Wed, 04 Mar 2020 21:47:41 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 587431130 562507759
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: text/css; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK adbid-0.33.0.js Show response
www.tvnz.co.nz/etc/designs/news/prebid/js/ 309 B
966 B 310ms
309ms Script
application/javascript 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/prebid/js/adbid-0.33.0.js

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

a6015bdcb4f8a9b533a29f1bfadab27d59c6db97d3e972f15e2a8c47394a8c52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Cookie: _ga=GA1.3.916350160.1622178336; _gid=GA1.3.482593085.1622178336; _dc_gtm_UA-808429-47=1
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112209
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 216
Access-Control-Allow-Origin: *
Last-Modified: Sun, 22 Apr 2018 22:46:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 580404979 564352525
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=86400, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/javascript
X-Device-Class: desktop
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK prebid-1.24.1.min.js Show response
www.tvnz.co.nz/etc/designs/news/prebid/js/ 133 KB
42 KB 313ms
312ms Script
application/javascript 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/prebid/js/prebid-1.24.1.min.js

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

6ee70a1fb920afb5bbd7ee8bc412050d3d70e57aff3defb311f95540a5ff351e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Cookie: _ga=GA1.3.916350160.1622178336; _gid=GA1.3.482593085.1622178336; _dc_gtm_UA-808429-47=1
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112208
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 42513
Access-Control-Allow-Origin: *
Last-Modified: Mon, 26 Nov 2018 18:36:20 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 588327221 564352539
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=86400, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/javascript
X-Device-Class: desktop
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H2 200 jquery-2.2.4.min.js Show response
code.jquery.com/ 84 KB
29 KB 32ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.4.min.js
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

Origin: https://www.tvnz.co.nz
Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:35 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:24:41 GMT
server: nginx
etag: W/"573f4859-14e4a"
vary: Accept-Encoding
x-hw: 1622178335.dop008.fr8.t,1622178335.cds282.fr8.hn,1622178335.cds130.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29811

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 95 KB
29 KB 31ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6793) /
Resource Hash: a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 05:05:35 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 17:57:32 GMT
Server: ECS (frb/6793)
Age: 1096
Etag: "9eb59e5602fef4b3ebf6090856ff21db+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 28779

GET
H/1.1 200
OK clientlibs_all.min.100c52b85e19ba56f38f71b26e89268c.js Show response
www.tvnz.co.nz/etc/designs/news/ 729 KB
218 KB 321ms
317ms Script
application/javascript 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_all.min.100c52b85e19ba56f38f71b26e89268c.js

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

3f482c62b7a6766422f865cc8a6109995863b7f74311837f86b5d73b178e1ccc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112200
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 222293
Access-Control-Allow-Origin: *
Last-Modified: Wed, 07 Oct 2020 00:26:47 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 588210494 565194358
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK clientlibs_publisher.min.75996375d27cc90024ab9c69a3cab55a.js Show response
www.tvnz.co.nz/etc/designs/news/ 8 KB
4 KB 321ms
317ms Script
application/javascript 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_publisher.min.75996375d27cc90024ab9c69a3cab55a.js

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

f399e618c9dfbfc848e3ee24304532d88a5291cc5b027eea2733d425f1dd1a0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112193
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 2885
Access-Control-Allow-Origin: *
Last-Modified: Wed, 19 Jun 2019 02:16:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 587431131 516324598
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK newsletterSignup.min.97ea87cf4295378692a336eee3cbc9a2.js Show response
www.tvnz.co.nz/etc/designs/news/ 314 B
969 B 314ms
313ms Script
application/javascript 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/newsletterSignup.min.97ea87cf4295378692a336eee3cbc9a2.js

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

be58f3228b7d5bdcb21741899f24150c596149e029409ca24b7afc509dbb9d82

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Cookie: _ga=GA1.3.916350160.1622178336; _gid=GA1.3.482593085.1622178336; _dc_gtm_UA-808429-47=1
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112195
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 234
Access-Control-Allow-Origin: *
Last-Modified: Thu, 20 Feb 2020 21:37:04 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 590258810 565194466
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H2 200 swiper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/js/ 125 KB
29 KB 17ms
14ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.5.0/js/swiper.min.js

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1934880
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28876
cf-request-id: 0a52f622a000004e25ffa06000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-1f3be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=LBVfLu9mnBxyqG1OQBqVf6e6fv9vL9rdkVjdG1UGtmBAfeaDKHbwnvOjWeygUtDiVzFImaAznLHqmEySEcuRGGfvtAZrdCbKX5LESlffj5TWpoD0Oo%2Fbmm5lUYqTP82AXhvqkMl7eSVg5GIJXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6564f2e42ae94e25-FRA
expires: Wed, 18 May 2022 05:05:35 GMT

GET
H2 200 lozad.min.js Show response
cdn.jsdelivr.net/npm/lozad@1.9.0/dist/ 2 KB
1 KB 26ms
5ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/lozad@1.9.0/dist/lozad.min.js

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e747266f72ba6646bf58c7d72c5ceaca8e7e3feb9ed8976cc8499212c539f2ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1905612
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 1043
etag: W/"957-xqUr0j2ncaRO0s0ohKrTDJH6Y0U"
x-served-by: cache-fra19126-FRA, cache-hhn4036-HHN
date: Fri, 28 May 2021 05:05:35 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 127 KB
42 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?sensor=false

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

c6d61aaf37f9712de63cd827248a50bec48bd05169a6e4c558cb950c8c6fb763

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:35 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
server-timing: gfet4t7; dur=9
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42484
x-xss-protection: 0
expires: Fri, 28 May 2021 05:35:35 GMT

GET
H/1.1 200
OK brightcove.min.58d513eb7b056d3c5067d8e4430db47e.js Show response
www.tvnz.co.nz/etc/designs/core/ 1 KB
1 KB 323ms
322ms Script
application/javascript 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/core/brightcove.min.58d513eb7b056d3c5067d8e4430db47e.js

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

db9027c17f2432fa1db45d8676b78581b2c9320607162f9504e1f217de9b30e8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Cookie: _ga=GA1.3.916350160.1622178336; _gid=GA1.3.482593085.1622178336; _dc_gtm_UA-808429-47=1
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112198
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 608
Access-Control-Allow-Origin: *
Last-Modified: Fri, 05 Aug 2016 01:05:27 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 590189149 563674995
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK clientlibs.min.ae71b0937b4f04692bd76978b73fa5a3.js Show response
www.tvnz.co.nz/etc/designs/news/storypage/ 2 KB
2 KB 310ms
309ms Script
application/javascript 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/storypage/clientlibs.min.ae71b0937b4f04692bd76978b73fa5a3.js

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

e81ce86cc2a8a4e10c410fb81cc69052532e08edc52df11939930be3bfc0ac9d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Cookie: _ga=GA1.3.916350160.1622178336; _gid=GA1.3.482593085.1622178336; _dc_gtm_UA-808429-47=1
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112202
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 1012
Access-Control-Allow-Origin: *
Last-Modified: Wed, 13 Mar 2019 00:02:48 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 580404971 564385858
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK header.min.fc97a83527497237855c58fb6a17f7a1.js Show response
www.tvnz.co.nz/etc/designs/news/ 6 KB
3 KB 311ms
310ms Script
application/javascript 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/header.min.fc97a83527497237855c58fb6a17f7a1.js

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

5249a65c658368bba23e8114a544f9c5c3509f0e946993fe6932a1b965016336

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Cookie: _ga=GA1.3.916350160.1622178336; _gid=GA1.3.482593085.1622178336; _dc_gtm_UA-808429-47=1
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112202
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 2125
Access-Control-Allow-Origin: *
Last-Modified: Wed, 22 Apr 2020 08:16:28 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 588856896 565194337
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK publisher.min.713c929660b9fb069b782f9b4be726e8.js Show response
www.tvnz.co.nz/etc/designs/analytics/ 3 KB
2 KB 314ms
313ms Script
application/javascript 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/analytics/publisher.min.713c929660b9fb069b782f9b4be726e8.js

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

18cf88c5ca493ca8689496899b6563ba764b9d722db230e82c89e2126b674c93

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Cookie: _ga=GA1.3.916350160.1622178336; _gid=GA1.3.482593085.1622178336; _dc_gtm_UA-808429-47=1
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112195
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 1269
Access-Control-Allow-Origin: *
Last-Modified: Wed, 18 Mar 2020 22:36:36 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 588856897 494927374
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK storypage_public.min.e3bf14e50f687df6f0e25077644b1ccc.js Show response
www.tvnz.co.nz/etc/designs/news/ 7 KB
3 KB 315ms
315ms Script
application/javascript 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/storypage_public.min.e3bf14e50f687df6f0e25077644b1ccc.js

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

bfe8a8399335a9e831961e7ff19fecf946fbcc1b264904f0413b5aa963ad66fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Cookie: _ga=GA1.3.916350160.1622178336; _gid=GA1.3.482593085.1622178336; _dc_gtm_UA-808429-47=1
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:33 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112203
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 2287
Access-Control-Allow-Origin: *
Last-Modified: Wed, 18 Mar 2020 22:36:38 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 588856898 562507776
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK irisTV.min.38378e002da566e3530d8fd3010f0417.js Show response
www.tvnz.co.nz/etc/designs/news/ 2 KB
2 KB 323ms
322ms Script
application/javascript 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/irisTV.min.38378e002da566e3530d8fd3010f0417.js

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

ea3286f7dcada5de0df3bce7c768b7588e7670e5da6c24134d95dcc45302dadd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Cookie: _ga=GA1.3.916350160.1622178336; _gid=GA1.3.482593085.1622178336; _dc_gtm_UA-808429-47=1
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112202
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 916
Access-Control-Allow-Origin: *
Last-Modified: Wed, 19 Jun 2019 02:16:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 590189161 494927241
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H2 200 9669.js Show response
script.crazyegg.com/pages/scripts/0074/ 4 KB
2 KB 31ms
15ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0074/9669.js
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56b79cdf18dd5343633d14f5abc973e61e7e4a686ee68ecc7c12c00020a56da6

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:35 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 43592
cf-polished: origSize=4157
ce-version: 11.1.300
cf-request-id: 0a52f622c900004dbedd9ec000000001
timing-allow-origin: *
last-modified: Thu, 27 May 2021 16:59:03 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
cf-ray: 6564f2e47a1a4dbe-FRA
cf-bgj: minify

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-nz.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

30ms
9ms

Script
application/javascript

2600:9000:2182:a200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:a200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding: gzip
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 60679
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Thu, 27 May 2021 12:14:17 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: WK_Vapj0TdKdaarLJHKQroKLcScLGQ-PfJqJNXOXIQ0mxuGolwwGrQ==

Redirect headers

location: https://cdn-gl.imrworldwide.com:443/v60.js
date: Fri, 28 May 2021 05:05:35 GMT
server: awselb/2.0
content-length: 134
content-type: text/html

GET
H/1.1 200
OK 1News_logo_white_horizontal.svg
www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/images/structure/ 6 KB
3 KB 314ms
314ms Image
image/svg+xml 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/images/structure/1News_logo_white_horizontal.svg

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

9b0d9cbd6693c6ff72c886cbf77216bdb5c441d58f03db1fbea73a7b13a61506

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Cookie: _ga=GA1.3.916350160.1622178336; _gid=GA1.3.482593085.1622178336; _dc_gtm_UA-808429-47=1
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112202
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 2523
Access-Control-Allow-Origin: *
Last-Modified: Wed, 11 Dec 2019 21:28:39 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 590189179 559808328
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Device-Class: desktop
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/tvnz-onn/ 209 KB
27 KB 67ms
22ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tvnz-onn/loader.js
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b0b26d33b2d232a3ed1ab13e10c556413c87fcae611a72c8d8de751edf706f47

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: GF2ki9jdCcFwURg4kGSUiHw6SlFzxGl2
content-encoding: gzip
etag: "59472dcd164209e83d6dd00e5e92e510"
age: 97
x-cache: HIT
content-length: 27039
x-amz-id-2: o9OIt0yHHZBwRasulmT8BgUqad8Krgv56KulrYKdcAL/P/7e7jUYQcN9LSj5JimsbBcVQlw9QUY=
x-served-by: cache-hhn11567-HHN
last-modified: Thu, 27 May 2021 12:26:00 GMT
server: AmazonS3
x-timer: S1622178335.476331,VS0,VE1
date: Fri, 28 May 2021 05:05:35 GMT
vary: Accept-Encoding
x-amz-request-id: TCSSJ5057CKHW4H9
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 53
x-cache-hits: 1

GET
H/1.1 200
OK weathersprites.svg
www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/images/structure/ 156 KB
30 KB 865ms
311ms Image
image/svg+xml 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/images/structure/weathersprites.svg?version=801015329

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

41c9566a1f0dee8caefa4f5de27a4ff09a3b49113fb611330630af21bf6e95c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css
Connection: keep-alive
Referer: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112201
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 29482
Access-Control-Allow-Origin: *
Last-Modified: Thu, 02 Jul 2015 01:03:24 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 580404955 566265757
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Device-Class: desktop
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
DATA 200
OK truncated
/ 989 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb93ff9862cf1239fbcbee65b55d9ad4d628b4fff81211d30b26300e8408b1db

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 461 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c7a00a62dae47f84c711b16709096c817de4dd6d5daebfaa62e15365eb35eb0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 595 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70806dacb0ef3342d6ad33c650254efb88e0c6f6fa5982c4d8b099c63d8b55c3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK blacksans-condensedmedium-webfont.woff2
www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/fonts/blacksans/WOFF2/ 16 KB
17 KB 577ms
310ms Font
application/octet-stream 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/fonts/blacksans/WOFF2/blacksans-condensedmedium-webfont.woff2

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

23aeb7a53ddb973f84b0701a8c26c591112fc5964ec298eea1e59bb10e010e66

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.tvnz.co.nz
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css
Connection: keep-alive
Origin: https://www.tvnz.co.nz
Referer: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 05:03:42 GMT
Via: Varnish C2
X-Content-Type-Options: nosniff nosniff
Age: 114
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 16636
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt
Last-Modified: Wed, 21 Feb 2018 01:21:13 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 585956482 590119886
Access-Control-Allow-Origin: *
X-VHIT: HIT
Cache-Control: no-cache, no-store, must-revalidate, s-maxage=300
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/octet-stream
X-Device-Class: desktop

GET
H/1.1 200
OK icomoon.ttf
www.tvnz.co.nz/etc/designs/news/clientlibs_tvnz_icon/fonts/ 9 KB
6 KB 594ms
315ms Font
application/x-font-ttf 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_tvnz_icon/fonts/icomoon.ttf?x4njpj

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/etc/designs/news/clientlibs_tvnz_icon.min.0edc0e96f9dad4a987347a62e9868141.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

9eff3eec886851564187fbed699376c7b2e61a326b2592e94c28d4ab84beda71

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.tvnz.co.nz
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.tvnz.co.nz/etc/designs/news/clientlibs_tvnz_icon.min.0edc0e96f9dad4a987347a62e9868141.css
Connection: keep-alive
Origin: https://www.tvnz.co.nz
Referer: https://www.tvnz.co.nz/etc/designs/news/clientlibs_tvnz_icon.min.0edc0e96f9dad4a987347a62e9868141.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:31 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112204
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 5158
Access-Control-Allow-Origin: *
Last-Modified: Mon, 26 Nov 2018 18:36:20 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 587431142 564385704
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/x-font-ttf
X-Device-Class: desktop
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H/1.1 200
OK blacksans-condensedbold-webfont.woff2
www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/fonts/blacksans/WOFF2/ 16 KB
16 KB 606ms
309ms Font
application/octet-stream 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/fonts/blacksans/WOFF2/blacksans-condensedbold-webfont.woff2

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

958d05b6fbb5007d70cf4fb13838905b3dc6dc9fe978a8764ee0bcca04094628

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.tvnz.co.nz
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css
Connection: keep-alive
Origin: https://www.tvnz.co.nz
Referer: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 05:03:43 GMT
Via: Varnish C2
X-Content-Type-Options: nosniff nosniff
Age: 112
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 16120
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt
Last-Modified: Wed, 21 Feb 2018 01:21:13 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 587431143 585956186
Access-Control-Allow-Origin: *
X-VHIT: HIT
Cache-Control: no-cache, no-store, must-revalidate, s-maxage=300
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/octet-stream
X-Device-Class: desktop

GET
H/1.1 200
OK blacksans-condensedbook-webfont.woff2
www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/fonts/blacksans/WOFF2/ 17 KB
18 KB 620ms
317ms Font
application/octet-stream 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/fonts/blacksans/WOFF2/blacksans-condensedbook-webfont.woff2

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

26af9a3fef351c2062eb9c6c15ab619007535b14fadca82a40f1c902928db8e7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.tvnz.co.nz
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css
Connection: keep-alive
Origin: https://www.tvnz.co.nz
Referer: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 05:05:12 GMT
Via: Varnish C2
X-Content-Type-Options: nosniff nosniff
Age: 24
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 17328
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt
Last-Modified: Wed, 21 Feb 2018 01:21:13 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 587431144 589576294
Access-Control-Allow-Origin: *
X-VHIT: HIT
Cache-Control: no-cache, no-store, must-revalidate, s-maxage=300
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/octet-stream
X-Device-Class: desktop

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 81ms
26ms Script
application/javascript 13.226.159.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tvnz-onn/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-43.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 04:36:45 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1731
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: MUfYzmN55Ry6ELFfHkxmCWy_i2vTReYG4PR1s201-Jek--xAD-UR1g==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1622178335601&ns_c=UTF-8&cv=3.5&c8=Automated%20phone%20scam%20claims%20to%20be%20DHL%20with%20goods%20for%20you%20but%20all%20they%20r...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622178335601&ns_c=UTF-8&cv=3.5&c8=Automated%20phone%20scam%20claims%20to%20be%20DHL%20with%20goods%20for%20you%20but%20all%20they%20...

64 B
330 B

36ms
36ms

Image
image/gif

13.226.159.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622178335601&ns_c=UTF-8&cv=3.5&c8=Automated%20phone%20scam%20claims%20to%20be%20DHL%20with%20goods%20for%20you%20but%20all%20they%20really%20want%20is%20your%20personal%20information%20%7C%201%20NEWS%20%7C%20TVNZ&c7=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&c9=
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-43.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:35 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: L41yFENozOb4IQJX0NDOfHP9j96ZuWhgfW1LPAsJJF9lRYht8s7GTg==

Redirect headers

date: Fri, 28 May 2021 05:05:35 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1622178335601&ns_c=UTF-8&cv=3.5&c8=Automated%20phone%20scam%20claims%20to%20be%20DHL%20with%20goods%20for%20you%20but%20all%20they%20really%20want%20is%20your%20personal%20information%20%7C%201%20NEWS%20%7C%20TVNZ&c7=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&c9=
content-length: 455
x-amz-cf-id: zPxSOXvCwrKQ7FhdFft6WLlX5NU4B-a75Gvcujdjxd9GLPAmI4mD9A==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
38 KB 20ms
20ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N9769B

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1b599c23546e51ea3380c250b1420a47f265218edb7a58562323dee909fa7ac5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38902
x-xss-protection: 0
last-modified: Fri, 28 May 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 May 2021 05:05:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N9769B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 2323
date: Fri, 28 May 2021 04:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 28 May 2021 06:26:52 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
338 B 31ms
30ms Image
text/plain 13.226.159.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=9728626&ns__t=1622178335774&ns_c=UTF-8&c8=Automated%20phone%20scam%20claims%20to%20be%20DHL%20with%20goods%20for%20you%20but%20all%20they%20really%20want%20is%20your%20personal%20information%20%7C%201%20NEWS%20%7C%20TVNZ&c7=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&c9=
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-43.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:35 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: nmD9jN9Eq-VANta1e89FuaalszLqhXaRu6312Rq9XJBi7Q0VCG9Xyw==
x-cache: Miss from cloudfront

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ 0
430 B 173ms
148ms Image
text/plain 2600:9000:2156:1400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn49193&cr=crtve&ce=tvnz&pc=tvnz_plc0001&ci=nlsnci1300&am=3&at=view&rt=banner&st=image&r=1658680792
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:35 GMT
via: 1.1 9eb0e845437929074828e0cf53f179af.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
x-cache: Miss from cloudfront
content-length: 0
x-amz-cf-id: CyPlf66bqwdB1TQLQ3uBV7mX8KwIFsM5tHnanWiQp5AOuTSMEgHjmQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
88 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-808429-47&cid=916350160.1622178336&jid=1847384207&gjid=1213718561&_gid=482593085.1622178336&_u=YGBAgAABAAAAAE~&z=1456676065

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 28 May 2021 05:05:35 GMT
content-type: text/plain
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=920705593&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&ul=en-us&de=UTF-8&dt=Automated%20phone%20scam%20claims%20to%20be%20DHL%20with%20goods%20for%20you%20but%20all%20they%20really%20want%20is%20your%20personal%20information%20%7C%201%20NEWS%20%7C%20TVNZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgAAB~&jid=1847384207&gjid=1213718561&cid=916350160.1622178336&tid=UA-808429-47&_gid=482593085.1622178336&gtm=2wg5q1N9769B&z=1187152361

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 18:54:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36651
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
108 B 17ms
17ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-808429-47&cid=916350160.1622178336&jid=1847384207&_u=YGBAgAABAAAAAE~&z=724569195

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-808429-47&cid=916350160.1622178336&jid=1847384207&_u=YGBAgAABAAAAAE~&z=724569195

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 37ms
16ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/etc/designs/news/clientlibs_all.min.100c52b85e19ba56f38f71b26e89268c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c83cd4afd9a3acd6ea6655fb9b5eeb23a90c0b4cd6a424c6faa0dee9a80ca5a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "885 / 573 of 1000 / last-modified: 1622153417"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21474
x-xss-protection: 0
expires: Fri, 28 May 2021 05:05:37 GMT

GET
H2 200 match Show response
bee.imrworldwide.com/v1/clients/ 91 B
558 B 181ms
124ms XHR
application/json 13.226.159.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bee.imrworldwide.com/v1/clients/match?client_id=nz-nzoom&url=https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.159.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-159-49.dus51.r.cloudfront.net

Software

Resource Hash

1ef97bf373048cb034965423351318ae7ffedb65f6c8601c38eda238c097653a

Security Headers

Name	Value
Strict-Transport-Security	max-age=25920000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
vary: Accept-Encoding
content-length: 104
x-xss-protection: 1; mode=block
access-control-allow-origin: *
x-frame-options: DENY
strict-transport-security: max-age=25920000; includeSubDomains
content-type: application/json; charset=utf-8
via: 1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
cache-control: max-age=3600
access-control-allow-credentials: true
x-amz-cf-id: ZpfFgihOQaQ1FBeVDI8EHD1gjqDIqDtiIinLRU6f1hx0ktop2xb0qA==

GET
H2

200

m
secure-nz.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1622178337249&ci=nz-nzoom&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fau...
https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1622178337249&ci=nz-nzoom&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fau...

44 B
336 B

37ms
36ms

Image
image/gif

52.212.68.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1622178337249&ci=nz-nzoom&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&sr=1600x1200&tz=2&ja=1
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.68.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-68-88.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:37 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-nz.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:37 GMT
server: nginx
location: https://secure-nz.imrworldwide.com/cgi-bin/m?rnd=1622178337249&ci=nz-nzoom&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&sr=1600x1200&tz=2&ja=1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-nz.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-length: 0
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK 1nn-footer-bg.svg
www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/images/structure/ 5 KB
3 KB 310ms
310ms Image
image/svg+xml 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/images/structure/1nn-footer-bg.svg

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

c403bc76d0b9c194c95e88eb22cfcc91ea7f00181df3c66835eb19c53e3cbfff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css
Cookie: _ga=GA1.3.916350160.1622178336; _gid=GA1.3.482593085.1622178336; _dc_gtm_UA-808429-47=1
Connection: keep-alive
Referer: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:55:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112203
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 1841
Access-Control-Allow-Origin: *
Last-Modified: Sun, 29 Jul 2018 21:45:20 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 585956526 494927243
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Device-Class: desktop
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H2 200 9669.json Show response
script.crazyegg.com/pages/data-scripts/0074/ 5 KB
1 KB 34ms
18ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/data-scripts/0074/9669.json?t=1
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2d19a369e94c363a77d8ea69f50bdb1c1a2a7828fc18747f892b74d0a033cbe

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 43437
ce-version: 11.1.300
content-length: 1055
cf-request-id: 0a52f62a05000032507f143000000001
timing-allow-origin: *
last-modified: Thu, 27 May 2021 17:01:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6564f2f008e03250-FRA

GET
H/1.1 200
OK news.live.json Show response
www.tvnz.co.nz/api/content/tvnz/ 259 B
813 B 313ms
313ms XHR
application/json 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tvnz.co.nz/api/content/tvnz/news.live.json

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

cbab69ef04499e19f9482e2a413c078b73a20955a8122be551d1f3eb26cad573

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: application/json, text/javascript, */*; q=0.01
Cache-Control: no-cache
Sec-Fetch-Dest: empty
X-Requested-With: XMLHttpRequest
Cookie: _ga=GA1.3.916350160.1622178336; _gid=GA1.3.482593085.1622178336; _dc_gtm_UA-808429-47=1
Connection: keep-alive
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 05:05:19 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 18
X-Device-Class: desktop
Connection: keep-alive
Content-Length: 157
Access-Control-Allow-Origin: *
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 590189204 590582811
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=120, s-maxage=300
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: application/json
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/5rmpPOwqak1a9fKhmk4ED06RZiL5Doey/ 378 KB
59 KB 93ms
34ms Script
text/javascript 143.204.99.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/5rmpPOwqak1a9fKhmk4ED06RZiL5Doey/analytics.min.js
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/etc/designs/analytics/publisher.min.713c929660b9fb069b782f9b4be726e8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.99.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-99-83.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33b73fda0ee6af8a5835d5851fc53884c101400b3975addd2c57e894f7cdfeec

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: A4vPCLX4LEhL5c4VwZpZtPhWMSw43acE
content-encoding: br
etag: W/"211211205f617fead721d9beaf73834a"
age: 109
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Sat, 22 May 2021 07:12:39 GMT
server: AmazonS3
date: Fri, 28 May 2021 05:03:49 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: nd8DzyxuSXnEXr0trnxxi3J1aNkUgXe1vBGdwnYWMigzKAxrwj49Ug==

GET
H2 200 load.js Show response
widget.perfectmarket.com/tvnz-onn/ 3 KB
2 KB 239ms
179ms Script
application/javascript 199.232.137.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/tvnz-onn/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tvnz-onn/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.137.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcf57ee734b4f25d2b5c90f3e91af7c8c27081a818f1890cd1ca3a3c5511490f

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: Q2vgDmP9TA4sYCdVYItV6eWkapJi15.a
content-encoding: gzip
etag: "3902a280f7204b26daa265db3db57019"
age: 0
x-cache: HIT, MISS
content-length: 1170
x-amz-id-2: QXHHOta/JL5KqclRMRFFFL/dc0TVJMQtuo20mnFKpDtlWVeWZJcI5aDDyK26Tbn05bWD+xVWJFs=
x-served-by: cache-lax10625-LGB, cache-hhn11571-HHN
last-modified: Tue, 07 Apr 2020 11:25:40 GMT
server: AmazonS3
x-timer: S1622178337.364147,VS0,VE157
date: Fri, 28 May 2021 05:05:37 GMT
vary: Accept-Encoding,,
x-amz-request-id: 1884C88YY66RWPBM
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 0

GET
H2 200 impl.20210527-9-RELEASE.js Show response
cdn.taboola.com/libtrc/ 491 KB
113 KB 23ms
22ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tvnz-onn/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: da8da07ffa93f21d6759c3621e1862524e7c303443d58fcbb8a950b84455eaac

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 2sM3riWCXoa9TBeO03uAos9N9yiwnoIa
content-encoding: br
etag: "03cd29942e6903e6ca83ace91ad1c27a"
age: 16608
x-cache: HIT
content-length: 115011
x-amz-id-2: cCpclkZhN+6aWC8sPvoD3GOY0PnXkoRLZOSwP09nJ6//3dvIZzluO1ikHELtSAew/IQ392B8Ycw=
x-served-by: cache-hhn11567-HHN
last-modified: Thu, 27 May 2021 08:27:19 GMT
server: AmazonS3-br
x-timer: S1622178337.306213,VS0,VE0
date: Fri, 28 May 2021 05:05:37 GMT
vary: Accept-Encoding
x-amz-request-id: XNAAD661CRDHV79Y
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 43
x-cache-hits: 53605

GET
H/1.1 200
OK widget_iframe.06c6ee58c3810956b7509218508c7b56.html Show response
platform.twitter.com/widgets/ Frame A5CF 319 KB
103 KB 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.tvnz.co.nz
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67BA) /
Resource Hash: 5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tvnz.co.nz/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tvnz.co.nz/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 110670
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 28 May 2021 05:05:37 GMT
Etag: "dab7ee9ff99366614e06e117bab5e542+gzip"
Last-Modified: Wed, 28 Apr 2021 17:56:54 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/67BA)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105298

GET
H2 200 11.1.300.js Show response
script.crazyegg.com/pages/versioned/common-scripts/ 62 KB
21 KB 12ms
12ms Script
text/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/versioned/common-scripts/11.1.300.js
Requested by: Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0074/9669.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e4d123c873c45c977353c0f5cf2c5b4f20ed8c75b65e048d42f528e8dd4f271

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 43594
cf-ray: 6564f2f03dee4dbe-FRA
content-length: 21022
cf-request-id: 0a52f62a2600004dbec3a92000000001
last-modified: Mon, 24 May 2021 13:28:27 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 phone-phonecall-dial-landline-generic-2-3-4.jpg.-1146857411.png
news-image-prod-imgix.tech.tvnz.co.nz/api/v1/web/image/content/dam/images/news/2015/06/08/ 26 KB
26 KB 54ms
51ms Image
image/webp 143.204.98.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news-image-prod-imgix.tech.tvnz.co.nz/api/v1/web/image/content/dam/images/news/2015/06/08/phone-phonecall-dial-landline-generic-2-3-4.jpg.-1146857411.png?fm=webp&w=784&h=441&fit=crop

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-6.fra50.r.cloudfront.net

Software

imgix /

Resource Hash

1851d63a593ae620b7145ff833808690238d87ec5705081bdc3d0a6f4733b64a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:37 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 1283881
x-cache: Miss from cloudfront
x-imgix-id: 6658c42626c16b4bd4ae396fe1a352997a54edc4
content-length: 26546
x-served-by: cache-sjc10021-SJC, cache-hhn4058-HHN
last-modified: Thu, 13 May 2021 08:27:35 GMT
server: imgix
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: _Dnk1XHLQqSEslOMBr2c_dfeK-1NwwNhbLCsRn0J5LksZZMYXTEwVQ==
cross-origin-resource-policy: cross-origin

GET
H2 200 police-release-video-of-man-wanted-over-concerning-incident-outs.-1617132461.png
news-image-prod-imgix.tech.tvnz.co.nz/api/v1/web/image/content/dam/images/news/2021/05/28/ 9 KB
10 KB 30ms
28ms Image
image/webp 143.204.98.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news-image-prod-imgix.tech.tvnz.co.nz/api/v1/web/image/content/dam/images/news/2021/05/28/police-release-video-of-man-wanted-over-concerning-incident-outs.-1617132461.png?fm=webp&w=300&h=168.75&fit=crop

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-6.fra50.r.cloudfront.net

Software

imgix /

Resource Hash

77cfa4551c08ff8c0d5d3101244f82abbd011d57cd8e872f74bc208fef776d07

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 04:06:29 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 4252
x-cache: Hit from cloudfront
x-imgix-id: 4def263fd8256af3df69989d58a51665f0289d38
content-length: 9542
x-served-by: cache-sjc10054-SJC, cache-hhn4060-HHN
last-modified: Fri, 28 May 2021 03:54:45 GMT
server: imgix
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: p7L3AzC5Q0nkFpbSk2ZKJeYFr59FobnHa9oTVNRfKdtzPL6LABgABQ==
cross-origin-resource-policy: cross-origin

GET
H2 200 manu-samoa-coach-says-great-opportunity-beckons-for-young-squad..236798001.png
news-image-prod-imgix.tech.tvnz.co.nz/api/v1/web/image/content/dam/images/news/2021/05/28/ 8 KB
8 KB 26ms
24ms Image
image/webp 143.204.98.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news-image-prod-imgix.tech.tvnz.co.nz/api/v1/web/image/content/dam/images/news/2021/05/28/manu-samoa-coach-says-great-opportunity-beckons-for-young-squad..236798001.png?fm=webp&w=110&h=110&fit=crop

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-6.fra50.r.cloudfront.net

Software

imgix /

Resource Hash

fa50d3b4d4151ae175f3ca8507f2cf042a9c270387b7375e7e035c62b0a2d349

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 22:29:09 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 25156
x-cache: Hit from cloudfront
x-imgix-id: 520417b5f5c40853dc261b0c3e451a93aef886e7
content-length: 7790
x-served-by: cache-sjc10078-SJC, cache-hhn4069-HHN
last-modified: Thu, 27 May 2021 22:06:20 GMT
server: imgix
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: eaOzUI8GVdu93oiffYIXg2QYdHBslizk6VHBd8J8VWJntVtGmcO2Gg==
cross-origin-resource-policy: cross-origin

GET
H2 200 police-at-the-scene-of-a-homicide-in-aucklands-thuhu.png.-104848962.png
news-image-prod-imgix.tech.tvnz.co.nz/api/v1/web/image/content/dam/images/news/2021/05/23/ 7 KB
8 KB 32ms
29ms Image
image/webp 143.204.98.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news-image-prod-imgix.tech.tvnz.co.nz/api/v1/web/image/content/dam/images/news/2021/05/23/police-at-the-scene-of-a-homicide-in-aucklands-thuhu.png.-104848962.png?fm=webp&w=110&h=110&fit=crop

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-6.fra50.r.cloudfront.net

Software

imgix /

Resource Hash

ec888d01cb1a946d2210a9ffd8b5677c8543e86717bfa1fcf62be66e1263f611

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 00:38:01 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 16825
x-cache: Hit from cloudfront
x-imgix-id: 92dbfce3aa40a3453162d46e6eefb6681f8a338e
content-length: 7648
x-served-by: cache-sjc10070-SJC, cache-fra19154-FRA
last-modified: Fri, 28 May 2021 00:25:12 GMT
server: imgix
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: MPlzqURm9ti2ddMLOg-0LhwPLUOdxqAYAqjKk-J3UGYVbpLPH_dm7w==
cross-origin-resource-policy: cross-origin

GET
H2 200 m2.jpg.1564121423.png
news-image-prod-imgix.tech.tvnz.co.nz/api/v1/web/image/content/dam/images/news/2021/05/28/ 7 KB
7 KB 35ms
33ms Image
image/webp 143.204.98.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news-image-prod-imgix.tech.tvnz.co.nz/api/v1/web/image/content/dam/images/news/2021/05/28/m2.jpg.1564121423.png?fm=webp&w=110&h=110&fit=crop

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-6.fra50.r.cloudfront.net

Software

imgix /

Resource Hash

9afb6dc52966e9ebcdbd87dd951bf87f02f4a38da842a6b437647292ed88d795

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 03:57:52 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 6360
x-cache: Hit from cloudfront
x-imgix-id: 0276975dc92ff1b8eb119b9ac4e03d43577db268
content-length: 6890
x-served-by: cache-sjc10050-SJC, cache-hhn4067-HHN
last-modified: Fri, 28 May 2021 03:19:37 GMT
server: imgix
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: gKAs88RbOJ0wcWCNW52i11EN1TtSO6XLbDSbuMPsiU3E1hCgAhb_YA==
cross-origin-resource-policy: cross-origin

GET
H2 200 LisaShaw.jpg.-51216184.png
news-image-prod-imgix.tech.tvnz.co.nz/api/v1/web/image/content/dam/images/news/2021/05/28/ 7 KB
8 KB 32ms
30ms Image
image/webp 143.204.98.6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://news-image-prod-imgix.tech.tvnz.co.nz/api/v1/web/image/content/dam/images/news/2021/05/28/LisaShaw.jpg.-51216184.png?fm=webp&w=110&h=110&fit=crop

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-6.fra50.r.cloudfront.net

Software

imgix /

Resource Hash

a6d78b380c6989a8c16b9d19647f6b3a2e46cbc19ac16f4408841f2f683eb023

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 03:32:51 GMT
via: 1.1 6b8ac2d6d64dc42007741d312e2d73ab.cloudfront.net (CloudFront)
x-content-type-options: nosniff
age: 8256
x-cache: Hit from cloudfront
x-imgix-id: c255d6d7dff2aed9fd19ac6d6ae1951bfad4a92c
content-length: 7490
x-served-by: cache-sjc10078-SJC, cache-fra19160-FRA
last-modified: Fri, 28 May 2021 02:48:01 GMT
server: imgix
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31556926
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: uFu40R6Q7BODIVCCzo6bEmpLH1syXYWf1ses6zjKtiVzS3H5ftMHjA==
cross-origin-resource-policy: cross-origin

GET
H2 200 pubads_impl_2021052601.js Show response
securepubads.g.doubleclick.net/gpt/ 311 KB
110 KB 98ms
32ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 08:37:30 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111649
x-xss-protection: 0
expires: Fri, 28 May 2021 05:05:37 GMT

GET
H2 200 9669.json Show response
script.crazyegg.com/pages/sampling-data-scripts/0074/ 298 B
277 B 16ms
14ms XHR
application/json 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/sampling-data-scripts/0074/9669.json?t=450605
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c5821f4a655bc605e3195f8940db31bbc3075b50c26d1111f2b3c8781ec6e0b

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 43437
ce-version: 11.1.300
content-length: 187
cf-request-id: 0a52f62a4800003250e5122000000001
timing-allow-origin: *
last-modified: Thu, 27 May 2021 17:01:40 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: CE-Version
cache-control: public, max-age=300, s-maxage=1209600
accept-ranges: bytes
cf-ray: 6564f2f079763250-FRA

GET
H2 200 settings Show response
syndication.twitter.com/ Frame A5CF 256 B
442 B 182ms
129ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=3ac4f58f8f990766b638ce1cde0476263b34d25f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.06c6ee58c3810956b7509218508c7b56.html?origin=https%3A%2F%2Fwww.tvnz.co.nz

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:36 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 05:05:37 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 955b6303cbb0af48c50c2f56b91b6dfb11458e70866127b39a8c9c1413f4a432
content-length: 176

GET
H2 200 stories-vertical-ui.20210527-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 585 B
694 B 26ms
26ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/stories-vertical-ui.20210527-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tvnz-onn/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fef269571f27c369be45dbc589fce9730f1e137492437ceea15fec31d0838038

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: VM_P6ATm6NC37hBr_wK6qGsq0YerB.GQ
content-encoding: gzip
etag: "abc3c8830dd92efa306d2b6ef1668783"
age: 73
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 317
x-amz-id-2: 6Okdj9PGAXz+sYjb+QRgXkaxBTAhD3IQGQLotGGwuAhgOPBvm54OTTq6w4yzZg7o/EMttsR8nvA=
x-served-by: cache-hhn11567-HHN
last-modified: Thu, 27 May 2021 13:49:49 GMT
server: AmazonS3
x-timer: S1622178337.400146,VS0,VE0
date: Fri, 28 May 2021 05:05:37 GMT
vary: Accept-Encoding
x-amz-request-id: ZWZXZN1VP08DYXDX
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 43
x-cache-hits: 993

GET
H2 200 config250.js Show response
cdn-gl.imrworldwide.com/conf/ 12 KB
5 KB 9ms
9ms Script
application/javascript 2600:9000:2182:a200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Requested by: Host: secure-nz.imrworldwide.com
URL: https://secure-nz.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:a200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d0d2f9b28dcd14612f48999bd80d0ba7dae6961ccabe50825a3ddb526a14aced

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 28 May 2021 04:19:21 GMT
content-encoding: gzip
last-modified: Fri, 28 May 2021 03:20:39 GMT
server: AmazonS3
age: 2777
etag: W/"0828d897572de9d327c8612fa7da2ff0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: t2I6xoXVNUshLf4ziYC5RS4gdck2syXU
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
x-amz-cf-pop: DUS51-C1
content-type: application/javascript
x-amz-cf-id: nbrzuTxn9L2EiGEDfO5tb9JWxK5y25n6Ejv9fWcFCtvZcWDOD4mtew==

GET
H3-29 200 js Show response
www.google-analytics.com/gtm/ 88 KB
35 KB 18ms
18ms Script
application/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PD84BRQ&cid=916350160.1622178336

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7b555d871b455fb30a2fbb8b953c3ed2edd0ecd016ca2d0eac4252ac774ab06f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35313
x-xss-protection: 0
last-modified: Fri, 28 May 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 May 2021 05:05:37 GMT

GET
H3-29 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
882 B 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 04:28:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2211
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Fri, 28 May 2021 05:28:46 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 269 B
2 KB 228ms
137ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=14232&site_id=164302&zone_id=792282&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&kw=news%2Cmid&tg_i.vertical=news&tg_i.pos=mid&tk_flint=pbjs_lite_v1.24.1&x_source.tid=63cbb810-1475-4836-8efa-ccd7b7142857&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7283976242930414
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2eaf6c67288d401f80dd6a98dd8da3bae85b4fbb47ee18039793256ab7872268

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 28 May 2021 05:05:37 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.tvnz.co.nz
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 269
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 48 B
744 B 63ms
20ms XHR
application/json 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 28 May 2021 05:05:37 GMT
X-Proxy-Origin: 82.102.19.132; 82.102.19.132; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.155:80
AN-X-Request-Uuid: 0b853930-0893-40cf-8199-676ea6fcea93
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.tvnz.co.nz
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 48
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 36ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tvnz.co.nz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 05:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 50ms
21ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tvnz.co.nz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 05:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 450 B
261 B 98ms
60ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=322373512307079&correlator=3935298341042365&output=ldjh&impl=fifs&eid=31061328&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210528&iu_parts=4180%2Cnews%2Cnew-zealand&enc_prev_ius=%2F0%2F1%2F1%2F2&prev_iu_szs=1920x384%7C970x250&prev_scp=pos%3Dtop&eri=1&cust_params=sourc%3Done-news%26site%3Dnews%26pt%3Dnews-story%26sectn%3Dnews-new-zealand%26topic%3Dcrime-and-justice%26id%3DQ203535%26platform%3Ddesktop&cookie_enabled=1&bc=31&abxe=1&lmt=1622178337&dt=1622178337604&dlt=1622178333533&idt=4014&frm=20&biw=1600&bih=1200&oid=3&adxs=0&adys=180&adks=1765077764&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=1920x10&ga_vid=916350160.1622178336&ga_sid=1622178338&ga_hid=920705593&ga_fc=false&fws=132&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

7bb9a72728e3d19459195b5e9f781812ad2c6bfbc434c5890a49849268357a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:37 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 62ms
14ms Other
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 45ms
8ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 188 KB
53 KB 13ms
12ms Script
application/javascript 2600:9000:2182:a200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/config250.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:a200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e9b1e9b290756c5ebc9849983de1f7d7db1685f76386ada579863f26897ec5f

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: peRL4Yb0Ubr51vTPkyyXuScofZHOG6Uw
content-encoding: gzip
etag: W/"60cee9f8a6ab7076638a1b6a01bc9269"
last-modified: Wed, 28 Apr 2021 14:18:22 GMT
server: AmazonS3
age: 2824
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Fri, 28 May 2021 04:18:34 GMT
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: 5zrKTVqYE-iYen45n2TQNs-hRyaBJainjhuIsx92HtjGkwv2e84bGw==

GET
H2 200 pmk-202003261.3.js Show response
widget.perfectmarket.com/tvnz-onn/ 111 KB
30 KB 34ms
23ms Script
application/javascript 199.232.137.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/tvnz-onn/pmk-202003261.3.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/tvnz-onn/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.137.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df9be695800b5cd396bd40230f37315191784929d929663167158ccf4e7ca5a0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: OWSzkdJM3Gd4JXeJ2nEeTsb4qmsDT45m
content-encoding: gzip
etag: "4c57edfe51a21ba3b2109f84287a86bd"
age: 4218666
x-cache: HIT, HIT
content-length: 30931
x-amz-id-2: qVZVaxH/Glt7z1ow4rLJYFzmiCHd+ilS2pMEMp/X5DckkE6x22iBqPrFaiSOpVdvwJnKIotKKVw=
x-served-by: cache-lax10635-LGB, cache-hhn11571-HHN
last-modified: Tue, 07 Apr 2020 11:25:40 GMT
server: AmazonS3
x-timer: S1622178338.663066,VS0,VE0
date: Fri, 28 May 2021 05:05:37 GMT
vary: Accept-Encoding,,
x-amz-request-id: Q3BCXCA6THR9CSJ4
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 2

POST
H2 200 t Show response
api.segment.io/v1/ 21 B
142 B 556ms
186ms XHR
application/json 54.187.253.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.segment.io/v1/t
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.253.2 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-253-2.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: 12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.tvnz.co.nz
date: Fri, 28 May 2021 05:05:38 GMT
content-length: 21
vary: Origin
content-type: application/json

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 42ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-808429-63&cid=916350160.1622178336&jid=484584493&gjid=365818288&_gid=482593085.1622178336&_u=aGDAgEAjQAAAAE~&z=1496526752

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 28 May 2021 05:05:37 GMT
content-type: text/plain
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
6ms Image
image/gif 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=920705593&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&ul=en-us&de=UTF-8&dt=Automated%20phone%20scam%20claims%20to%20be%20DHL%20with%20goods%20for%20you%20but%20all%20they%20really%20want%20is%20your%20personal%20information%20%7C%201%20NEWS%20%7C%20TVNZ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=article&ea=article%20shown&el=Automated%20phone%20scam%20claims%20to%20be%20DHL%20with%20goods%20for%20you%20but%20all%20they%20really%20want%20is%20your%20personal%20information%2CQ203535&ev=0&_u=aGDAgEAjQAAAAE~&jid=484584493&gjid=365818288&cid=916350160.1622178336&tid=UA-808429-63&_gid=482593085.1622178336&cd12=prod&z=142232353

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 27 May 2021 18:54:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 36653
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 885C 12 KB
4 KB 9ms
9ms Document
text/html 2600:9000:2182:a200:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:a200:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tvnz.co.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: SSCVER=v1; IMRID=570e1610-bf72-11eb-80e5-3bd16cb1dcc3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tvnz.co.nz/

Response headers

content-type: text/html
last-modified: Wed, 28 Apr 2021 14:18:22 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: qVegwTBMlTpBRiATWIEjsovJ4qexekXG
server: AmazonS3
content-encoding: gzip
date: Fri, 28 May 2021 04:06:35 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: RTNiAYYtklMP6vucJfPPONnW8r703ziBh1LKAdoeH6ntB1INInJ9rw==
age: 3543

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 17ms
16ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-808429-63&cid=916350160.1622178336&jid=484584493&_u=aGDAgEAjQAAAAE~&z=183089804

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 31ms
24ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-808429-63&cid=916350160.1622178336&jid=484584493&_u=aGDAgEAjQAAAAE~&z=183089804

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gn
secure-nz.imrworldwide.com/cgi-bin/ Frame 885C 88 B
380 B 37ms
37ms Image
image/gif 52.212.68.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-nz.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,NA&sessionId=gzpujnksaazsfztsjvln5kiaxpnek1622178337&c16=sdkv,bj.6.0.0&retry=0
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.68.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-68-88.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 18344242ff477e6698f24b0211d53b9194cef9905ad67c8649e8a41ce614b415

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:37 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-nz.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 88
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 nr-1118.min.js Show response
js-agent.newrelic.com/ 24 KB
9 KB 70ms
21ms Script
application/javascript 151.101.114.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1118.min.js
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3622d2041fd2390dd10eb9832096e4b89d1b925565650f004aea76adbd54f5f0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "bc81ced41f6342ffafc5ff34bc0fc8f7"
x-amz-request-id: PP407HCJVD24Z3VG
x-cache: HIT
content-length: 9288
x-amz-id-2: lEONAGbaUHaF/Lpbbjwix6OU1CcnZ3t59WBwucMmVrqIX37zUyJF7mewO1YX9kndnMy8uXAh9s4=
x-served-by: cache-hhn4036-HHN
last-modified: Wed, 02 Jan 2019 18:42:29 GMT
server: AmazonS3
x-timer: S1622178338.829369,VS0,VE0
date: Fri, 28 May 2021 05:05:37 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 55

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/9728626/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
349 B

26ms
26ms

Script
application/javascript

13.226.159.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-43.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 04:41:39 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
etag: "d41d8cd98f00b204e9800998ecf8427e"
last-modified: Mon, 01 Mar 2021 20:42:20 GMT
server: AmazonS3
age: 1440
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 0
x-amz-cf-id: _KeKcuv2HK7r0Ml89d9ByawmYWOI3sObjiz2q8WHR83eSM8r0qI_HA==

Redirect headers

date: Fri, 28 May 2021 05:05:37 GMT
via: 1.1 bb45d9db269295920003af6514d7e7eb.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: /internal-c2/default/cs.js
content-length: 48
x-amz-cf-id: f-dsRxCYP7Z_d6KYF7zdomxmnvlCVkVXjct5Vb4e39dbg4nPA554vw==

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 41ms
18ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052601&st=env

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03cb99c415445a8ec6a250edc30509513887053f89c8338965ff01f7f2d552ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 05:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7621
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tvnz.co.nz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 05:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tvnz.co.nz

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 05:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 1003ms
1003ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=322373512307079&correlator=3386245781232090&output=ldjh&impl=fifs&eid=31061328&vrg=2021052601&ptt=17&sc=1&sfv=1-0-38&ecs=20210528&iu_parts=4180%2Cnews%2Cnew-zealand&enc_prev_ius=%2F0%2F1%2F1%2F2&prev_iu_szs=300x250%7C300x600&prev_scp=pos%3Dmid&eri=1&cust_params=sourc%3Done-news%26site%3Dnews%26pt%3Dnews-story%26sectn%3Dnews-new-zealand%26topic%3Dcrime-and-justice%26id%3DQ203535%26platform%3Ddesktop&cookie=ID%3Dd4b1d34d4d2fea17-2289e37729c8005b%3AT%3D1622178337%3AS%3DALNI_MYNBZOoLYLgqSvNDJsZKqHhqQG8iw&bc=31&abxe=1&lmt=1622178337&dt=1622178337812&dlt=1622178333533&idt=4014&frm=20&biw=1600&bih=1200&oid=3&adxs=1093&adys=212&adks=1034387422&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&vis=1&dmc=8&scr_x=0&scr_y=0&psz=405x1972&msz=300x0&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=916350160.1622178336&ga_sid=1622178338&ga_hid=920705593&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

1cf1ee7418456de511c383c7124e3645112e8315d88fda8ed205b6fb17c8c85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7224
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 28 May 2021 05:05:37 GMT

GET
H/1.1 200
OK 657721bf45 Show response
bam.nr-data.net/1/ 57 B
275 B 437ms
108ms Script
text/javascript 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/657721bf45?a=57140938&sa=1&v=1118.0c07c19&t=Unnamed%20Transaction&rst=5889&ref=https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&be=3411&fe=5804&dc=5300&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1622178331971,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:597,%22c%22:597,%22s%22:611,%22ce%22:1234,%22rq%22:1234,%22rp%22:1559,%22rpe%22:2154,%22dl%22:1562,%22di%22:5299,%22ds%22:5299,%22de%22:5331,%22dc%22:5803,%22l%22:5803,%22le%22:5807%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1118.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: 5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame C122 12 KB
5 KB 8ms
8ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tvnz.co.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tvnz.co.nz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Thu, 27 May 2021 23:11:02 GMT
expires: Fri, 27 May 2022 23:11:02 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 21275
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F99B 783 B
534 B 17ms
17ms Document
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d1b35b46af3fb8a1f38c07cbc9a3e2b105d2dc8ef052908f26c47c39701ed6ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2K9GP6aGGKH619GN715QEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tvnz.co.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tvnz.co.nz/

Response headers

expires: Fri, 28 May 2021 05:05:37 GMT
date: Fri, 28 May 2021 05:05:37 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-2K9GP6aGGKH619GN715QEQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js Show response
pagead2.googlesyndication.com/bg/ Frame C122 14 KB
6 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5712
x-xss-protection: 0
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 May 2022 19:38:04 GMT

GET
H/1.1 200
OK sprites.svg
www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/images/structure/ 72 KB
18 KB 316ms
315ms Image
image/svg+xml 103.231.157.164
TVNZ-AS-NZ Televi...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tvnz.co.nz/etc/designs/news/clientlibs_less/content/images/structure/sprites.svg?version=801015329

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

103.231.157.164 , New Zealand, ASN37999 (TVNZ-AS-NZ Television New Zealand, NZ),

Reverse DNS

cmsprod2.tvnz.co.nz

Software

Apache /

Resource Hash

def62bb5838df5507f37343e2c8a643a46f4a4c0abfd4226d84cf7258c5c9a62

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.tvnz.co.nz
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css
Cookie: _ga=GA1.3.916350160.1622178336; _gid=GA1.3.482593085.1622178336; _dc_gtm_UA-808429-47=1; ajs_anonymous_id=%222a001390-3ee6-4087-98c5-b53f3f98c337%22; _gat=1; __gads=ID=d4b1d34d4d2fea17-2289e37729c8005b:T=1622178337:S=ALNI_MYNBZOoLYLgqSvNDJsZKqHhqQG8iw; _tb_sess_r=; _tb_t_ppg=https%3A//www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Connection: keep-alive
Referer: https://www.tvnz.co.nz/etc/designs/news/clientlibs_less.min.f8894d3956b6f19f055327a0741ca196.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 26 May 2021 21:56:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff nosniff
Age: 112119
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 18034
Access-Control-Allow-Origin: *
Last-Modified: Wed, 10 May 2017 01:43:18 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: X-Device-Class
Access-Control-Allow-Methods: POST, PUT, GET, DELETE, OPTIONS
X-Varnish: 588210507 561312458
Via: Varnish C2
X-VHIT: HIT
Cache-Control: max-age=31536000, s-maxage=604800
Content-Security-Policy: frame-ancestors none
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-Device-Class: desktop
Access-Control-Allow-Headers: origin, content-type, X-Leg, vpt

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 40ms
39ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052601&jk=322373512307079&bg=!TU6lTgrNAAaMan2LjGo7ACkAdvg8WmWNsmUJOkMtZ5zaeHnXCycVyyi_n7Sj6u5KuCvOan9mW5HoIQIAAACIUgAAABBoAQcKAFA3YiSICNbNKG4LPoySorFlR0Hlw4DUfirmSmon0u_llRV-2VODC_qQawYmdfaqQp3XZfPU5yjnMXvHtBST1QGX0l4haLB0oT-bmidqrZLDQJkCR0U6cwHbsR4pgF1ipHK5P9_P0x-DbeWqzqFUZSZ9jfiVlXoIs4P1WZSXOXH0EvTMzBkjhVUIOliYYQ89bG89_8g86tDI2yeaQAML6gLpKXS2q61Xzz7Obdc5FkM_c2b2YIvpIQtDvL3DHP4BaREFCTHqqgVvVBNOLNz_ioS5cJ6MWzpYtsi_0LrY3DGpGdb6xUmhw90QvNnwZmxCO0tkceBM7NqI_swi1dVb_A0qWnGmcMwXzt3mfktrMOVfQ2LK-6jWq3UUiucT_Tiv1Dn5z_OhkeN2EVDpCHjyAVZ2tORLunBNYWJPQRO7r30QnRaOmnBwktT68obvRaonDhsjtNE3J9edj0DK3DdhTocn_bucx-8H2WJGK936ucG98WuYpLAG7rGQpaovG-M5h0RBe-rTTx_fOaedAVusyb8j4e3f55Z1QSL3CJHeINFF5rA31QvF7ZoU-mdEp5hWP0L8NIZXF_LNGQTa8pGSKA7NdHJ3azHAJ6EY-Tb1MYYatBFc0eaJ4-wno0mMjih6BV_Orcd0wWtFOXt1GJ6PUtWwF5O1bEdNanmRRIYIBHz_G7zGAaTbWE93ikfdNstKx5i9B0POsrHVsJdMxYQUIVElK0NniokAKkocGP5FaDoOUkyYIe7rJx_MoZwSb6zf-Q4YK3DwfRDy2kO-YxsuUUgGkRUmrme3c5sA2n8dUcch6AYkmhBbOeQ077Rz4knhqNjONJWScy4zhKV-oRVN7bpepdmyJczFU8dWjBo7-oLI7IOcPgYelJ3KMV4

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/tvnz-onn/trc/3/ 12 KB
5 KB 372ms
370ms XHR
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/tvnz-onn/trc/3/json?tim=07%3A05%3A38.251&lti=deflated&data=%7B%22id%22%3A935%2C%22ii%22%3A%22%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1622118324636%2C%22vi%22%3A1622178338249%2C%22cv%22%3A%2220210527-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3205%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below-Article-Thumbnails-original%22%2C%22orig_uip%22%3A%22Below-Article-Thumbnails-original%22%2C%22cd%22%3A2184.375%2C%22mw%22%3A30%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22organic-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Organic-Organic-Below-Article-Thumbnails-original%22%2C%22orig_uip%22%3A%22Organic-Organic-Below-Article-Thumbnails-original%22%2C%22cd%22%3A2184.375%2C%22mw%22%3A30%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9924cf37dd958daf0d43371effd7c8c33dadb41380398a40ea16e7cd2cd424c3

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 348
date: Fri, 28 May 2021 05:05:38 GMT
content-encoding: gzip
server: nginx
x-timer: S1622178338.261293,VS0,VE348
x-served-by: cache-hhn11567-HHN
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.tvnz.co.nz
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 27ms
26ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: scc9i0WjBcezJETEcKeKlmIHFeg5X8y4
content-encoding: gzip
etag: "559c107d74fc83d8062b2553a1818b07"
age: 1302
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5911
x-amz-id-2: PcZdxd4MAAFykcoOHYcgyv+TEhcU7OKI7t0br8QAKbOSr4qga/V09bIEDue+m1dl1lmqkJ1sz9E=
x-served-by: cache-hhn11567-HHN
last-modified: Mon, 03 May 2021 12:43:43 GMT
server: AmazonS3
x-timer: S1622178339.641294,VS0,VE0
date: Fri, 28 May 2021 05:05:38 GMT
vary: Accept-Encoding
x-amz-request-id: 7QPCNXQEEQ4QGPWX
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 43
x-cache-hits: 17304

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
979 B 26ms
26ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 22591
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: WKHOafpT9qf7ClanGhqGwcczB303Ax3znQ9/m3xHolnoZIR6HeT7S39m4QTumo+QVxjz+gbVzlI=
x-served-by: cache-hhn11567-HHN
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1622178339.641265,VS0,VE0
date: Fri, 28 May 2021 05:05:38 GMT
vary: Accept-Encoding
x-amz-request-id: CR4E2RJ6SANDVYVF
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 43
x-cache-hits: 170263

GET
H2 200 tfa-eid.20210527-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 13 KB
5 KB 25ms
25ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210527-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tvnz-onn/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: df5978120ab661004f993de1c4f2fc1c119207c7342f4022b7f4167ced53bd28

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7GnNCOEiHR2YJW9HNJ1E8Ct_GsynAKYk
content-encoding: gzip
etag: "c35d628c6e0b3546cf86e573667d36a2"
age: 79
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4867
x-amz-id-2: /GDclUjSHRewakDJdTC7bCyGxET147dhulqkUIJEfowd9FsVohEFpdoDG5J7R3kDbcn4vLUTBEk=
x-served-by: cache-hhn11567-HHN
last-modified: Thu, 27 May 2021 13:49:43 GMT
server: AmazonS3
x-timer: S1622178339.643419,VS0,VE0
date: Fri, 28 May 2021 05:05:38 GMT
vary: Accept-Encoding
x-amz-request-id: 0W06227CYQ3YJ7SD
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 43
x-cache-hits: 849

GET
H2 200 sha256.20210527-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 26ms
26ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210527-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tvnz-onn/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f5be796439b66283c7bc23da4d3ea539144f96b3a4f2b5e2c1cabd7a395e3a23

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3QrS4ahqnU3OHSVskFg6yr3GAmYaVkAR
content-encoding: gzip
etag: "3363a7849a8697294d3ea0866a30dc36"
age: 69
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2595
x-amz-id-2: ZoOzQgH2XKqVdhs5t2Gl7DzG+vDqEO96SU2MQzOEoQEQMMhwTKVL4Pa7SG9uiTNdVKVfRVspx2s=
x-served-by: cache-hhn11567-HHN
last-modified: Thu, 27 May 2021 13:49:56 GMT
server: AmazonS3
x-timer: S1622178339.643411,VS0,VE0
date: Fri, 28 May 2021 05:05:38 GMT
vary: Accept-Encoding
x-amz-request-id: RTNR5DCB2G7WX3WW
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 43
x-cache-hits: 697

GET
H2 200 c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
cdn.taboola.com/static/c5/ 3 KB
2 KB 24ms
22ms Image
image/svg+xml 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/c5/c5ef96bc-30ab-456a-b3d5-a84f367c6a46.svg
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3GoWmPpnzFDs5CP3.ebHbCmhALWQMuvH
content-encoding: gzip
etag: "11d8569a7da0739259e3ac0b0d666e94"
age: 22
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1502
x-amz-id-2: PGN/lYcTAuSi/MNWOJm3dVXxxz7RRN93HfTp0aANABigGXjbmQ3o5K5po7u/0jHFq1YVyDQhBP8=
x-served-by: cache-hhn11567-HHN
last-modified: Sun, 10 Jun 2018 13:23:55 GMT
server: AmazonS3
x-timer: S1622178339.670562,VS0,VE0
date: Fri, 28 May 2021 05:05:38 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: BB337Z3A15895W67
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 43
x-cache-hits: 21

GET
H2 200 tb Show response
15.taboola.com/ 31 KB
9 KB 41ms
40ms XHR
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=tvnz-onn&unitType=226&tbloc=&pageType=text&pstn=Below-Article-Thumbnails-original&uuip=&cisrf=&cirf=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&encoded=1&uid=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&variant=892792|311113911&callback=TRC.videoTagCallbacks.videoCallback1&cb=1622178338667&tagid=&cntry=BE&platform=1&sesid=30084dd82075c9d402bfb41872f19983&itemid=/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&viewid=1622178338249&geolat=&geoing=&deviceifa=&appid=&sd=v2_30084dd82075c9d402bfb41872f19983_cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2_1622178338_1622178338_CNawjgYQvdBHGMmr9IqbLyABKAEwFjjqxgdA4IYQSP7m2QNQ____________AVgAYABosa_ptcr9986tAQ&ri=d64cea798e11db4cc26fe0dcf1e01aec&appname=&cdb=&gdprApplies=true&rid=&sii=-4812816253734059991&oee=true&tpubid=1173565&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=VAN&hasGDPRConsent=true&tcfVersion=&cmpStatus=&tnetid=1173563&prcnt=&layer=
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 524ca9e9311fb0f453c92d7b435c877ba7f76b8ef23cd0f7071dcbd531c8653e

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 28 May 2021 05:05:38 GMT
content-encoding: gzip
access-control-allow-origin: https://www.tvnz.co.nz
machineid: 1451
x-cache: MISS
xvid-debug: mrmr - :
x-served-by: cache-hhn11567-HHN
pragma: no-cache
server: nginx
x-timer: S1622178339.675919,VS0,VE17
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
expires: Sat, 26 Jul 1997 05:00:00 GMT
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
x-cache-hits: 0

GET
H2 200 userx.20210527-9-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 23 KB
8 KB 22ms
22ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20210527-9-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/tvnz-onn/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c8598654642759a89e6001b1f75b30fcd92b1e788cd490853985dabfc490d13

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: v8S6Tu3lFF8PRA6oD1gNvwyB1rRNXpt5
content-encoding: gzip
etag: "b76de45322e6195e9c4bcb13f978b180"
age: 76
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 7954
x-amz-id-2: AUyMlhxiQ3JgMmD67JyJQY3Z+97csa/V2Efi95WQytZ1Ggxp+GECsT+Nz45Clk7/7FBGl252kiA=
x-served-by: cache-hhn11567-HHN
last-modified: Thu, 27 May 2021 13:49:38 GMT
server: AmazonS3
x-timer: S1622178339.675577,VS0,VE0
date: Fri, 28 May 2021 05:05:38 GMT
vary: Accept-Encoding
x-amz-request-id: N2EEJBHT124CPDA8
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 43
x-cache-hits: 109

GET
H2 204 social
trc-events.taboola.com/tvnz-onn/log/3/ 0
275 B 77ms
19ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/tvnz-onn/log/3/social?route=AM:IL:V&lti=deflated&ri=d64cea798e11db4cc26fe0dcf1e01aec&sd=v2_30084dd82075c9d402bfb41872f19983_cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2_1622178338_1622178338_CNawjgYQvdBHGMmr9IqbLyABKAEwFjjqxgdA4IYQSP7m2QNQ____________AVgAYABosa_ptcr9986tAQ&ui=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&pi=/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&wi=-4812816253734059991&pt=text&vi=1622178338249&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Automated%20phone%20scam%20claims%20to%20be%20DHL%20with%20goods%20for%20you%20but%20all%20they%20really%20want%20is%20your%20personal%20information%22%2C%22sec%22%3A%22new-zealand%22%2C%22aut%22%3A%5B%22Television%20New%20Zealand%20Ltd%22%5D%2C%22img%22%3A%22https%3A%2F%2Fnews-image-prod-imgix.tech.tvnz.co.nz%2Fcontent%2Fdam%2Fimages%2Fnews%2F2015%2F06%2F08%2Fphone-phonecall-dial-landline-generic-2-3-4.jpg.hashed.c2a0631a.desktop.story.share.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=07%3A05%3A38.674&id=4054&llvl=1&cv=20210527-9-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:38 GMT
server: nginx
x-fastly-to-nlb-rtt: 3985
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
tbl-x-upstream: 10.40.0.134:10213

GET
H2 204 debug
trc-events.taboola.com/tvnz-onn/log/2/ 0
61 B 74ms
19ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/tvnz-onn/log/2/debug?tim=07%3A05%3A38.676&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbnails-a&id=556&cv=20210527-9-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:38 GMT
x-fastly-to-nlb-rtt: 3985
server: nginx

GET
H2 200 3b3b873129b66be51373e5b6d7769664.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 26 KB
26 KB 25ms
23ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b3b873129b66be51373e5b6d7769664.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a7ab0219591836b96d5f05b28451af615ef6349fac602f7aced9720eabee1acf

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 28 May 2021 05:05:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 1894385
edge-cache-tag: 343955008864550298737709319544917916478,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 37
expiration: expiry-date="Fri, 28 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b3b873129b66be51373e5b6d7769664.jpeg
content-length: 26532
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Tue, 27 Apr 2021 05:45:16 GMT
server: nginx
x-timer: S1622178339.690122,VS0,VE1
etag: "46061cd48809ff04b62e0d92e3e65aa0"
x-served-by: cache-wdc5574-WDC, cache-dca17773-DCA, cache-hhn11567-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 b0e01795-541d-4700-afa8-22a2e1709e25.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/ 7 KB
8 KB 24ms
22ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/b0e01795-541d-4700-afa8-22a2e1709e25.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1be2e948c35e67ede6d1381a2059900e0d783ff35ea6840efac25a93250b4886

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 28 May 2021 05:05:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 290592
edge-cache-tag: 430937201640067671289363037686763642256,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 98
x-envoy-upstream-service-time: 531
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/b0e01795-541d-4700-afa8-22a2e1709e25.jpg
content-length: 7230
x-request-id: c8846b9a788f7cdbd74b61f3f7a008b5
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Mon, 24 May 2021 19:38:41 GMT
server: nginx
x-timer: S1622178339.690218,VS0,VE0
etag: "9337f9fba71e68b3e94f85fe1b23ca96"
x-served-by: cache-wdc5557-WDC, cache-dca17777-DCA, cache-hhn11567-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 11a9b15642b0363eff0f99a242a84305.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
5 KB 27ms
26ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11a9b15642b0363eff0f99a242a84305.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53f304eb433c811cb5479a41313bd87e1dd2c31ec798415378325b5fa7969736

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 28 May 2021 05:05:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 3052291
edge-cache-tag: 295925094799410044935824217338449409416,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11a9b15642b0363eff0f99a242a84305.jpg
content-length: 4482
x-request-id: 71f239d39c927ce08cfc16a2725f3815
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Fri, 02 Apr 2021 12:27:30 GMT
server: nginx
x-timer: S1622178339.690269,VS0,VE1
etag: "10d2ba71fce31f0880f752827ff43424"
x-served-by: cache-wdc5549-WDC, cache-dca17741-DCA, cache-hhn11567-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1

GET
H2 200 screenshot_20200620-161346_chrome8919488166401086506_1000x600_f8bb9a353e4a4601bd7b13223f9b4736.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ 5 KB
6 KB 26ms
25ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/screenshot_20200620-161346_chrome8919488166401086506_1000x600_f8bb9a353e4a4601bd7b13223f9b4736.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 740bf5f1aecd507647d455f3c9c19b7a405307adb22085c9f6887d57a7f42862

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 28 May 2021 05:05:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 1073003
edge-cache-tag: 415879825527955842250053461490911193612,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 34
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/screenshot_20200620-161346_chrome8919488166401086506_1000x600_f8bb9a353e4a4601bd7b13223f9b4736.png
content-length: 5504
x-request-id: 49bbf448e879339411d25b32c9b8cd49
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Thu, 29 Apr 2021 05:07:59 GMT
server: nginx
x-timer: S1622178339.690122,VS0,VE1
etag: "275a2901323afb395b5249fb5f7946d9"
x-served-by: cache-wdc5541-WDC, cache-dca17745-DCA, cache-hhn11567-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 3b3b873129b66be51373e5b6d7769664.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 26 KB
27 KB 23ms
22ms Image
image/webp 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b3b873129b66be51373e5b6d7769664.jpeg
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a7ab0219591836b96d5f05b28451af615ef6349fac602f7aced9720eabee1acf

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 28 May 2021 05:05:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 1894385
edge-cache-tag: 343955008864550298737709319544917916478,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 37
expiration: expiry-date="Fri, 28 May 2021 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3b3b873129b66be51373e5b6d7769664.jpeg
content-length: 26532
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb105
last-modified: Tue, 27 Apr 2021 05:45:16 GMT
server: nginx
x-timer: S1622178339.717394,VS0,VE0
etag: "46061cd48809ff04b62e0d92e3e65aa0"
x-served-by: cache-wdc5574-WDC, cache-dca17773-DCA, cache-hhn11567-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/b0e01795-541d-4700-afa8-22a2e1709e25.jpg
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1be2e948c35e67ede6d1381a2059900e0d783ff35ea6840efac25a93250b4886

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 28 May 2021 05:05:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 290592
edge-cache-tag: 430937201640067671289363037686763642256,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 98
x-envoy-upstream-service-time: 531
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//s3.eu-central-1.amazonaws.com/ad-uploads-long/1/b0e01795-541d-4700-afa8-22a2e1709e25.jpg
content-length: 7230
x-request-id: c8846b9a788f7cdbd74b61f3f7a008b5
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Mon, 24 May 2021 19:38:41 GMT
server: nginx
x-timer: S1622178339.717384,VS0,VE0
etag: "9337f9fba71e68b3e94f85fe1b23ca96"
x-served-by: cache-wdc5557-WDC, cache-dca17777-DCA, cache-hhn11567-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 3

GET
H2 200 UnitWidgetItemDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.4.3/ 95 KB
27 KB 24ms
23ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitWidgetItemDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c0fb2b89d40c1b2eff4da3d58d2a0b2314cab10142bc8d024bc2119914b6baf2

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:38 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront), 1.1 varnish
age: 1108953
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 27676
x-served-by: cache-hhn11567-HHN
last-modified: Sat, 15 May 2021 09:01:53 GMT
server: AmazonS3
x-timer: S1622178339.723797,VS0,VE0
etag: "b29e00b9340a1cad78e03b25e6ee17d5"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: a5ktr9bXvAyi1LVLv7pFlpXZ63Mxha9Kl1pcJi_LISM8I5POgC307g==
x-cache-hits: 181236

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11a9b15642b0363eff0f99a242a84305.jpg
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 53f304eb433c811cb5479a41313bd87e1dd2c31ec798415378325b5fa7969736

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 28 May 2021 05:05:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 3052291
edge-cache-tag: 295925094799410044935824217338449409416,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 99
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/11a9b15642b0363eff0f99a242a84305.jpg
content-length: 4482
x-request-id: 71f239d39c927ce08cfc16a2725f3815
x-backend-name: US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb106
last-modified: Fri, 02 Apr 2021 12:27:30 GMT
server: nginx
x-timer: S1622178339.732566,VS0,VE0
etag: "10d2ba71fce31f0880f752827ff43424"
x-served-by: cache-wdc5549-WDC, cache-dca17741-DCA, cache-hhn11567-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/screenshot_20200620-161346_chrome8919488166401086506_1000x600_f8bb9a353e4a4601bd7b13223f9b4736.png
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 740bf5f1aecd507647d455f3c9c19b7a405307adb22085c9f6887d57a7f42862

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Fri, 28 May 2021 05:05:38 GMT
via: 1.1 varnish, 1.1 varnish
age: 1073003
edge-cache-tag: 415879825527955842250053461490911193612,539224017810145466138863900429835611322,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-ratelimit-remaining: 100
x-envoy-upstream-service-time: 34
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_189%2Cw_340%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/screenshot_20200620-161346_chrome8919488166401086506_1000x600_f8bb9a353e4a4601bd7b13223f9b4736.png
content-length: 5504
x-request-id: 49bbf448e879339411d25b32c9b8cd49
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
last-modified: Thu, 29 Apr 2021 05:07:59 GMT
server: nginx
x-timer: S1622178339.732656,VS0,VE0
etag: "275a2901323afb395b5249fb5f7946d9"
x-served-by: cache-wdc5541-WDC, cache-dca17745-DCA, cache-hhn11567-HHN
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 2

GET
H2 200 container.html Show response
7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DC57 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tvnz.co.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tvnz.co.nz/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 28 May 2021 05:05:37 GMT
expires: Sat, 28 May 2022 05:05:37 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052601.js?31061328

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Fri, 28 May 2021 05:05:38 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E722 0
74 B 17ms
16ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQq-3iAhjCycyVATAB&v=APEucNXcWBq1GH0ptBgfNfvytTqXt_KRSqLMgIsBBD5NGYGroa3bmbiieS8MkE7Mpi0QA38Motp93YfPXOhGcOAkt0AzmkUkAA

Requested by

Host: 7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com
URL: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJDh3gIQq-3iAhjCycyVATAB&v=APEucNXcWBq1GH0ptBgfNfvytTqXt_KRSqLMgIsBBD5NGYGroa3bmbiieS8MkE7Mpi0QA38Motp93YfPXOhGcOAkt0AzmkUkAA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUl_qpkSY-QmmnzAUPUILDlC_9UWRQDgF_MM9ZoP_f9iT_YDnrrtnnzBWj2zs04
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 28 May 2021 05:05:38 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DC57 43 KB
21 KB 548ms
548ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DC-4unmgNfPjDayWtdNNX9SNlRls9ZuGpfiN-jVTUZCHq5qGAMzjTcbS32jwb3GWly1DMKYYVz-AbS8kOinN9OVIMNaI6p_kGBXJ9hCVpvdVi5SkZOyz0asVu2QCqRSlDP2XlpVQJkD0VAk0KrkPNyRf_uRw&dbm_d=AKAmf-AXHQCtScblaXn3UNgxWzw2YE5Fv-_box_mA6XgHX98oUQxIZnPzNwkiIry4a4QR1VByO3SGIZefE8l-NEZWxxfG_EWaFZCwGHGsDALlJETj4lAsdlY7MkYJoRLwrb5WLpMnI04-zOgnmG7BN1jaruzqDEalK61pCbKLAHbAwXvSXdu7zddFsOyuFm_HV9RomlMRQ-X0AFjjd-Wp56KoLJ2xf9Lmr2lpNgTrb92x3N_peUu6NI0nAmAsnoRHM2roZYS6s3eXVE2oPyEAVYD0YKqX6aEHz8GeG46vEcbxV4Za3mVW7F6cDlQJ4llpQbKZjYw652sEYlnt7nY41x_UIbyhQ2JZ1p7_yzWCmlLw4ARjqpe2UJvEqOK0jqyPcWhnLYJfX5bq_NwkdEgTJB7Vzn58JyAwAyMDKn8ElS5iLB7G_RjIAn-XLFdCoT972yJ3I-ZSmOWHTwO-ZZ5yOB0ioyXk0YghHgSCukGtb4xGl66p1PeqUBcloWLeRknsO8Kppdo_y-jpaaY_juvtiA69iraCZkBGeEQXcw5CmEdGxsJbaG_UjR8zllLQitZCFqPdtBdJnrmODADu61MaDZGsYe2oBHhs4oL_vsqrSNOfwqGRQZgTSmP2wz0cIQoQxA8xntgLfgfcWGxexJYkshHSgOJG3zZpJ5Dinz_-3ZbaOaLBRxh81ELh9YualNsB1ugc1Bhub7VRoCWoqbri1p_jTFpp3dlNcnqlfBFL-BHDh-FqVccEe8ksYRbGtdMaqtb2DSnLt7Bflc037uLcmJ7UM7RI__jeECxi5rOyC4r5MLqZO3Wlxt1baaxgMQv9DWlETUv-jgf9xGQUeRydY99CXaFQ9PHzUP2zUWadg9lhchxdmFyuVYCX2dwiJxIbcdUk4u05m4n1rBu84NdZcwshGlrCysBLL3is425_Rztr2WH24XHGkPeQPhMEIzwUPZfgFKj7Z1pxmxnkGF6BjnS-Bf7Hq1HBERx_aCE_DRaXRw14HxkrjfxVXFysll7d2bifcIc5X-YPHd7vNjOhF3jIWawo266mkmRJLlkYCbSqD8ukYSCHNwPi1KOEHl3CT7ewEBJGhuTSdIaokGF-qK8qrTuK_XWmkcaIXE9TwKMo0P9Ix48tLWdtR-atBtEPNDqxho45XjKxogAlhqZL3a7lRwvpNG7KzrgyFOLkDCOMLYHTnPd8_7k5HTbBVsYCrZaG2GacfhGupgywKgYfRr0FJBlLIh3Yd5YeBuJo9F7Je1rQlnaiTpklk4cTtS6Ycpmz-SQ-QFZIswwgpN76d_0GefE6dDv3ecWdbz8pWsdA3mzHK_Nd3PoIafhcz4nydPt9Zm5yXlaMhTjjEK8HbNcOj7K9uk2FWnn2gIG2uGzFgm_OC4lNfTuMjPPyrC8u-qIih1c1FUDDwtSKhl4qrgdTRc9lBBzMLsnaU_-bmsEzcTrDSWG3biDcNlBmdYUBgU74g9uylEAjS8KBbeG9o829evtkJIEKye937Pe8uWSB4yKLwnHTkfkYjMzvZyh5bNfrJsBHqSYAqKJOvmtRmC4sy9yiJZs-oXtbhZR481R19Af5UxOfRlrzdGRu3r9XDL9LinGroMtKqOYECayc4kgjrzQOqnRQzgurAyQEkllpSmIYDcxzMevEPGC9GZ50X1G-El4RTRZ3CSHM7WaGyG34uabFNZ5BQQfeyU8OOThAOsqvg3KbdvaQtOEOmzXGZKgXE3rZyZQd5JFjx7Vnv5h7kUTcbLewMZc-pW00bGH9zhkStlfSneyqa867oxId-R2hTHm16hTIva8Et6GHTqDT0S-GV-k7sfhZDOur9yrsHox-bCWXwVT8K0nZkQivyGMPnne9GhRalJ84Gc8kog1vcwU7HHuVKHXrFDTkdclhQCCmz4oz06BwRyli8LxVNnsHbY4TEkicoNWNWCaUl95vNJHhjTKsL4rWyvcqUyOIJUS2HjneqxFCT9F8_oHRsVZ5BMxOa3q51Ifr-b10ZzkCiDqa6SJhbMGfxXn7o4dRjEOwpZNBLa0tloXI-FJ2YOAkYz2KT5mdr5EJgl8hfJAYi1E7r_0H2AeyyVBKaLeNFPwijeFa37_6zJW9Rkcvoz8qo-Z_dQBRqss0qkjwqJB1SFvhemP8NXtomdxZsAFAVyV74R659kCsSdrOtO7VM1Or1efuw-yh7oDN1rhoI6e0e2QG4HVqll2jKH8HZWPO0zf21t039lhzWKgLtZHcwtx9gFTmDz7Qs_vBo0nJBoW2y_BNceF6spsRdwwLq8WOuSbL4GTwGZ5WiNthg1ukCeID970LNJ-Jc3IKeXhInw4CrYuRWDaFgpy8qeMceNs8oPaUZ1esH4T6P9DURu5jtcjY_HljemZ_lHZ9imu0fBUpdcAQpujryip1JWw52GnlzrV1nO84L4e5xBFRGAgh-gquJyhbLx9q2Ms0B-pPZubKVw9SUpgHOat1sTIYyfy3le02Wbsqf4gSAG_VZpQRZwo6AydNqrBmuyCgMItVjfKj98UIbhRFUkvteOmEu6CNZdJyaOyxiSLHE74HskcNfU4_e8i7FPebX38gfHJNM8UPIedw0ob1B7lrNiLq3sRSR-cEW3-w3MXpt9JRXsI8K4QfpY5iAv3kiGH0eRKnqZBu_M_jOb63I7vcYEefGGS1A9g3z_9HFUW_TbWAGA6jirEpL2hD0o4DM4ziiPY2gjoAmHUof38QfEOCY1sO18Jkr25vlG3HT-Nd0ol8mY6Cw9oBgDixgFyLLKY-zO-T9EGn4l944Iv6i3wANZgq82gjdMWGaJikvpZOcTzbp9u_4l6omq8WYi5obUlRSqt17JlTwo7ojsuVkDLGfEF9Hl8CaSzeybeok83i65QZ32l6xz2Mxl92OHLR8KNmF2_we57RTjTACpclMtq5ixt6OdE2wd5ouMICwn79nEjc4XqrD5lBa3qHmwZTHq7Od8pR46nkdyvb8BxrJwJ5-txJhHVnfv47XUTlMBJKYzhHpzXnjhRP417T_L382POfpVIZ83S9ilkbnJro3GJDywxYwvvaAqQKbeMvcEsyXyNiOmCj4guh8X9MdYTcRho9OVpwUmRyzxOvdIR5ostrSrgaWqe4Bow_WeYFgWGQqepg6iFGHNg2DaUHQnazdM9bu2nfkUYgOOVgO4UXXESopV77MdA1eCnKvtwZmY4e9USbxUeyvC4m7yfqcX879GSZx9vn45ihbXSFeUkIZpS28INw92-nY7dZtck320&cid=CAASPeRoBwQ8SrbCweRtgHIR6FRyd1lfy6GMLEZ9LeUZypQ2DEOQY9JVilwaJa3KgGDuoKz2UgIdDwvu5l2NDMc&rfl=1%2Chttps%253A%252F%252Fwww.tvnz.co.nz%252F%240

Requested by

Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9379402894a3515fbd8fa359dffb9163ed3da4612c10d1802489e0504821291

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21238
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC57 42 B
498 B 67ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D-DtcO6HibMKZpN56YpNBC-1IrhlzSSJBgIgFa0l3kOC2rMOtuQKzouGNk-ZsGu9wHWzArxsuHdyTS_DUqslXAaRE39g_riTdWheckby3IDKO6KIo

Requested by

Host: 7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com
URL: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame DC57 2 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: 7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com
URL: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 04:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3108
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 04:13:50 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC57 121 KB
37 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com
URL: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Fri, 28 May 2021 05:05:38 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame DC57 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com
URL: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 05:05:04 GMT

GET
H2 200 st Show response
imprammp.taboola.com/ Frame E768 955 B
669 B 33ms
32ms Document
text/html 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66289005&crid=5242975&dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&cmcv=&pix=undefined&cb=1622178339008&uv=2976&tms=1622178339008&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1AEDBEE5EB517885031583712313&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b9dda5b243c92e46d0e3d3ceb4dc1782855c5ca451000f3052f47ba9cee0f315

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66289005&crid=5242975&dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&cmcv=&pix=undefined&cb=1622178339008&uv=2976&tms=1622178339008&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1AEDBEE5EB517885031583712313&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tvnz.co.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tvnz.co.nz/

Response headers

server: nginx
content-type: text/html;charset=ISO-8859-1
content-encoding: gzip
accept-ranges: bytes
date: Fri, 28 May 2021 05:05:39 GMT
via: 1.1 varnish
x-served-by: cache-hhn11567-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1622178339.022052,VS0,VE10
vary: Accept-Encoding

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 103F 956 B
1 KB 25ms
23ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 13e3dfa019adc5d3a7ba144426589f45743b5e73e4c8f5135d2dc0ca4afa3e78

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tvnz.co.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tvnz.co.nz/

Response headers

server: nginx
date: Fri, 28 May 2021 05:05:39 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3404

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 10 KB
5 KB 410ms
357ms XHR
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=581&height=326&pubid=169497&tagid=953497&crid=5242975&noaop=3&sortOrderType=0&cb=1622178339020&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1233&pt=1598055233&tz=120&viewable=true&ddast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1657145&dpubid=321195&abtst=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vA!ufm&mPre=0.033&cirf=https%3A%2F%2Fwww.tvnz.co.nz&en=1
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 85cedc7f129bd0ede0c7eeedd3441fb368dcdacaf9676a9a135e0c6a53284ed6

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Fri, 28 May 2021 05:05:39 GMT
content-encoding: gzip
access-control-allow-origin: https://www.tvnz.co.nz
machineid: 1425
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19158-FRA
pragma: no-cache
server: nginx
x-timer: S1622178339.081664,VS0,VE334
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://taboola-d.openx.net>; rel=preconnect,<http://taboola-d.openx.net>; rel=preconnect,<https://taboola-d.openx.net>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 21ms
19ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66289005&crid=5242975&dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&cmcv=&pix=31589837&cb=1622178339008&uv=2976&tms=1622178339008&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&debug=pn:!sqg:!torgn:1622178331971.2!ts:1622178339008&mntl=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:39 GMT
content-length: 0
server: nginx

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 103F 70 B
264 B 113ms
36ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame 103F 0
125 B 85ms
29ms Script
text/plain 52.28.254.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-254-214.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:39 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame 103F
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=582bfab4-bf72-11eb-a194-14e583300206&orig=video&us_privacy=1---

0
227 B

21ms
19ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=582bfab4-bf72-11eb-a194-14e583300206&orig=video&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.127:10213
date: Fri, 28 May 2021 05:05:39 GMT
server: nginx
x-fastly-to-nlb-rtt: 3936

Redirect headers

Date: Fri, 28 May 2021 05:05:39 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=582bfab4-bf72-11eb-a194-14e583300206&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 129
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame 103F 43 B
146 B 83ms
26ms Image
image/gif 52.59.128.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.128.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-128-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E768 70 B
265 B 100ms
36ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66289005&crid=5242975&dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&cmcv=&pix=undefined&cb=1622178339008&uv=2976&tms=1622178339008&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1AEDBEE5EB517885031583712313&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame E768 0
124 B 1395ms
1352ms Script
text/plain 52.28.254.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66289005&crid=5242975&dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&cmcv=&pix=undefined&cb=1622178339008&uv=2976&tms=1622178339008&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1AEDBEE5EB517885031583712313&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-254-214.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:40 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame E768
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=582bfab4-bf72-11eb-a194-14e583300206&orig=video&us_privacy=1---

0
226 B

22ms
20ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=582bfab4-bf72-11eb-a194-14e583300206&orig=video&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66289005&crid=5242975&dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&cmcv=&pix=undefined&cb=1622178339008&uv=2976&tms=1622178339008&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1AEDBEE5EB517885031583712313&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.40.0.195:10213
date: Fri, 28 May 2021 05:05:39 GMT
server: nginx
x-fastly-to-nlb-rtt: 3936

Redirect headers

Date: Fri, 28 May 2021 05:05:39 GMT
Server: nginx
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=582bfab4-bf72-11eb-a194-14e583300206&orig=video&us_privacy=1---
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 102
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
x.bidswitch.net/ Frame E768 43 B
145 B 71ms
27ms Image
image/gif 52.59.128.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66289005&crid=5242975&dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&cmcv=&pix=undefined&cb=1622178339008&uv=2976&tms=1622178339008&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1AEDBEE5EB517885031583712313&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.128.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-128-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 3D2B
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

80ms
26ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 May 2021 05:05:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Fri, 28 May 2021 05:05:39 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 3D2B 31 KB
9 KB 28ms
28ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7d9c4f06f0b1a90da3389b34ba0903601ed125f8cad4e90304facb3a07fc76ed

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 05:05:39 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 May 2021 19:07:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59263
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9267
Expires: Fri, 28 May 2021 21:33:22 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame DC57 22 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DC-4unmgNfPjDayWtdNNX9SNlRls9ZuGpfiN-jVTUZCHq5qGAMzjTcbS32jwb3GWly1DMKYYVz-AbS8kOinN9OVIMNaI6p_kGBXJ9hCVpvdVi5SkZOyz0asVu2QCqRSlDP2XlpVQJkD0VAk0KrkPNyRf_uRw&dbm_d=AKAmf-AXHQCtScblaXn3UNgxWzw2YE5Fv-_box_mA6XgHX98oUQxIZnPzNwkiIry4a4QR1VByO3SGIZefE8l-NEZWxxfG_EWaFZCwGHGsDALlJETj4lAsdlY7MkYJoRLwrb5WLpMnI04-zOgnmG7BN1jaruzqDEalK61pCbKLAHbAwXvSXdu7zddFsOyuFm_HV9RomlMRQ-X0AFjjd-Wp56KoLJ2xf9Lmr2lpNgTrb92x3N_peUu6NI0nAmAsnoRHM2roZYS6s3eXVE2oPyEAVYD0YKqX6aEHz8GeG46vEcbxV4Za3mVW7F6cDlQJ4llpQbKZjYw652sEYlnt7nY41x_UIbyhQ2JZ1p7_yzWCmlLw4ARjqpe2UJvEqOK0jqyPcWhnLYJfX5bq_NwkdEgTJB7Vzn58JyAwAyMDKn8ElS5iLB7G_RjIAn-XLFdCoT972yJ3I-ZSmOWHTwO-ZZ5yOB0ioyXk0YghHgSCukGtb4xGl66p1PeqUBcloWLeRknsO8Kppdo_y-jpaaY_juvtiA69iraCZkBGeEQXcw5CmEdGxsJbaG_UjR8zllLQitZCFqPdtBdJnrmODADu61MaDZGsYe2oBHhs4oL_vsqrSNOfwqGRQZgTSmP2wz0cIQoQxA8xntgLfgfcWGxexJYkshHSgOJG3zZpJ5Dinz_-3ZbaOaLBRxh81ELh9YualNsB1ugc1Bhub7VRoCWoqbri1p_jTFpp3dlNcnqlfBFL-BHDh-FqVccEe8ksYRbGtdMaqtb2DSnLt7Bflc037uLcmJ7UM7RI__jeECxi5rOyC4r5MLqZO3Wlxt1baaxgMQv9DWlETUv-jgf9xGQUeRydY99CXaFQ9PHzUP2zUWadg9lhchxdmFyuVYCX2dwiJxIbcdUk4u05m4n1rBu84NdZcwshGlrCysBLL3is425_Rztr2WH24XHGkPeQPhMEIzwUPZfgFKj7Z1pxmxnkGF6BjnS-Bf7Hq1HBERx_aCE_DRaXRw14HxkrjfxVXFysll7d2bifcIc5X-YPHd7vNjOhF3jIWawo266mkmRJLlkYCbSqD8ukYSCHNwPi1KOEHl3CT7ewEBJGhuTSdIaokGF-qK8qrTuK_XWmkcaIXE9TwKMo0P9Ix48tLWdtR-atBtEPNDqxho45XjKxogAlhqZL3a7lRwvpNG7KzrgyFOLkDCOMLYHTnPd8_7k5HTbBVsYCrZaG2GacfhGupgywKgYfRr0FJBlLIh3Yd5YeBuJo9F7Je1rQlnaiTpklk4cTtS6Ycpmz-SQ-QFZIswwgpN76d_0GefE6dDv3ecWdbz8pWsdA3mzHK_Nd3PoIafhcz4nydPt9Zm5yXlaMhTjjEK8HbNcOj7K9uk2FWnn2gIG2uGzFgm_OC4lNfTuMjPPyrC8u-qIih1c1FUDDwtSKhl4qrgdTRc9lBBzMLsnaU_-bmsEzcTrDSWG3biDcNlBmdYUBgU74g9uylEAjS8KBbeG9o829evtkJIEKye937Pe8uWSB4yKLwnHTkfkYjMzvZyh5bNfrJsBHqSYAqKJOvmtRmC4sy9yiJZs-oXtbhZR481R19Af5UxOfRlrzdGRu3r9XDL9LinGroMtKqOYECayc4kgjrzQOqnRQzgurAyQEkllpSmIYDcxzMevEPGC9GZ50X1G-El4RTRZ3CSHM7WaGyG34uabFNZ5BQQfeyU8OOThAOsqvg3KbdvaQtOEOmzXGZKgXE3rZyZQd5JFjx7Vnv5h7kUTcbLewMZc-pW00bGH9zhkStlfSneyqa867oxId-R2hTHm16hTIva8Et6GHTqDT0S-GV-k7sfhZDOur9yrsHox-bCWXwVT8K0nZkQivyGMPnne9GhRalJ84Gc8kog1vcwU7HHuVKHXrFDTkdclhQCCmz4oz06BwRyli8LxVNnsHbY4TEkicoNWNWCaUl95vNJHhjTKsL4rWyvcqUyOIJUS2HjneqxFCT9F8_oHRsVZ5BMxOa3q51Ifr-b10ZzkCiDqa6SJhbMGfxXn7o4dRjEOwpZNBLa0tloXI-FJ2YOAkYz2KT5mdr5EJgl8hfJAYi1E7r_0H2AeyyVBKaLeNFPwijeFa37_6zJW9Rkcvoz8qo-Z_dQBRqss0qkjwqJB1SFvhemP8NXtomdxZsAFAVyV74R659kCsSdrOtO7VM1Or1efuw-yh7oDN1rhoI6e0e2QG4HVqll2jKH8HZWPO0zf21t039lhzWKgLtZHcwtx9gFTmDz7Qs_vBo0nJBoW2y_BNceF6spsRdwwLq8WOuSbL4GTwGZ5WiNthg1ukCeID970LNJ-Jc3IKeXhInw4CrYuRWDaFgpy8qeMceNs8oPaUZ1esH4T6P9DURu5jtcjY_HljemZ_lHZ9imu0fBUpdcAQpujryip1JWw52GnlzrV1nO84L4e5xBFRGAgh-gquJyhbLx9q2Ms0B-pPZubKVw9SUpgHOat1sTIYyfy3le02Wbsqf4gSAG_VZpQRZwo6AydNqrBmuyCgMItVjfKj98UIbhRFUkvteOmEu6CNZdJyaOyxiSLHE74HskcNfU4_e8i7FPebX38gfHJNM8UPIedw0ob1B7lrNiLq3sRSR-cEW3-w3MXpt9JRXsI8K4QfpY5iAv3kiGH0eRKnqZBu_M_jOb63I7vcYEefGGS1A9g3z_9HFUW_TbWAGA6jirEpL2hD0o4DM4ziiPY2gjoAmHUof38QfEOCY1sO18Jkr25vlG3HT-Nd0ol8mY6Cw9oBgDixgFyLLKY-zO-T9EGn4l944Iv6i3wANZgq82gjdMWGaJikvpZOcTzbp9u_4l6omq8WYi5obUlRSqt17JlTwo7ojsuVkDLGfEF9Hl8CaSzeybeok83i65QZ32l6xz2Mxl92OHLR8KNmF2_we57RTjTACpclMtq5ixt6OdE2wd5ouMICwn79nEjc4XqrD5lBa3qHmwZTHq7Od8pR46nkdyvb8BxrJwJ5-txJhHVnfv47XUTlMBJKYzhHpzXnjhRP417T_L382POfpVIZ83S9ilkbnJro3GJDywxYwvvaAqQKbeMvcEsyXyNiOmCj4guh8X9MdYTcRho9OVpwUmRyzxOvdIR5ostrSrgaWqe4Bow_WeYFgWGQqepg6iFGHNg2DaUHQnazdM9bu2nfkUYgOOVgO4UXXESopV77MdA1eCnKvtwZmY4e9USbxUeyvC4m7yfqcX879GSZx9vn45ihbXSFeUkIZpS28INw92-nY7dZtck320&cid=CAASPeRoBwQ8SrbCweRtgHIR6FRyd1lfy6GMLEZ9LeUZypQ2DEOQY9JVilwaJa3KgGDuoKz2UgIdDwvu5l2NDMc&rfl=1%2Chttps%253A%252F%252Fwww.tvnz.co.nz%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:02:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8609
x-xss-protection: 0
server: cafe
etag: 7365582700020686358
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 05:02:52 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame DC57 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:04:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 05:04:53 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DC57 0
575 B 100ms
41ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstIe6jJgL3FkDcay4dz3SkvKUX9xR7-5qc7lnS6wfRE4culSI0JXxyOCOF5vP2iziDB8IVZ8jGJWzo0kI_JWuEyP7qtzvKWLWrPt7QhG_TearlQbkoU9_KB01FtZuyyQo6Fbc8tFBRdXbVP42y_mB_W3vZEoGhuHtP4TvyUjy9sHYbM3pxWrJlpYvM2g3q5YO7P6qiwmPoBzQDv7fGJkNiWxzufvoQFBSB2RJzR5KBtMTV327YKAlk95t6bwNRYd2bspdg5icUauCkaNFPVHSgiufohahWPuh0XelGQ1j17iVtxWLq57s6hdqilB3i15zrhJZSnUh4VW2_QZhasLMMu6J_BloLjpEVQVcVhv3W44WF_q8JxaC0LM6sxXfO2nYWges7DDGIVTSsAtH6l5thWhtuvjs7M4Y0RPJBZLCHoJ-cihVICyL4tk2eFOMqZxrYONUC6tpNkiV6PZkMw5i1CC-fnTMS30SyXh__RoxD-tmE5AXvzNusS6nYi9GO3qhvJ3OZyVUMuMQygnDQlaibDlmY8MDlA5KoKT7HixGkYMvG7qml0SYJnZNZtis8wWghDhXjuAdfSlSSIVn5-lMVqiZLuMYhoT8LlM8kb3smUp2TzRMSn95MAo-sJj_13KDjh54GLaggi0ysficlrMPjQXmRTXSaEblmiOljEGFABuJ2OWavxhAgHCfA0SqbjltsYIBibJM5Vc5dnQZgIzF5B9ZiEyWDZ2AWU4oYXoOzXCyupkX0St1VTwKRpwb6OKm72nZXffd8csUqArhZ51gnWPH5lXZnayrBgEZntY378IE7HhC4GFkqaz_QyXVLg9dhLlUXlMpYhsIkwY7U0jkcDhHqBbOs36IVGEi5f-bVdvERLRXQz92Zqhl19vKdA_ZxFaQEAt2V6doqLISexbpAEZOKCF_CQxiVaeDiZMC9aYVTBhJPrs11w-1WIkj3vb-UwBDCXSxj_Gs0raZ_o0p9I1OwEitqiZsN57w7KQDHt1QllKlJewmvMVXE2dh2S47RvPRXWtXlrgEsxTihD2WdE4Q6m858xCaIkqRkBhy_BjhnQUfyGmGj1mlF9m_EQvmUIwJ68MJhyE6H1wjNvCUHniAT115sfvLkY0h4GSGaNMT9yk893KFn9L9TFF3fOTmpqH8fOl8JzWZsfyhoC9GcdE9Br5d2DmUNIQ_wZ61hWGXBwa-VyaEpnnRTWPwand6Grtw7y7mP3aDSi31SY2ES0jf58xUbki4O1BMUCB-76otEau-mh6lJR_yRlMamrwsncnL5C&sai=AMfl-YSJoI9s9pmq4b7C4IjU9E3zZL2xSs67D7U3gWbDlTbCJzo4oIYT81bP91mrWhBkwXZl1kmzphqMv3YdAEwT6tJxC17mH89fAa_1QVvBB-3eUVx0TIOh7iWQkam4UXCWbgYAp9nPTeTM2syBy7IS2c1xgRMhdOz9Ng9gZGxqvgOv6T_djw8Uww4NU4EAsWMBGxLfOFQsrxmhlzFnfcJPnzje1xZEpMRq_dC__ZYqRg&sig=Cg0ArKJSzKladvzLtcGYEAE&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210524.77973&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 28 May 2021 05:05:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DC57 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110464
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 22:24:35 GMT

GET
H2 200 3978533810021939240
s0.2mdn.net/simgad/ Frame DC57 137 KB
137 KB 35ms
11ms Image
image/jpeg 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/3978533810021939240

Requested by

Host: 7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com
URL: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8848a8c1ba02660d515e576a32898ea6a06f58197356cbc09db5c34940e7b74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 00:51:19 GMT
x-content-type-options: nosniff
age: 15260
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 140153
x-xss-protection: 0
last-modified: Mon, 10 May 2021 06:08:47 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 May 2022 00:51:19 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 3D2B 284 B
536 B 121ms
30ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
DATA 200
OK truncated
/ Frame DC57 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 515905b07770ef92c28c62d6289805f4146eb92b6b7a3f547b38cc2a3f224986

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cmTagWIDGET_ITEM.js Show response
vidstat.taboola.com/vpaid/units/29_7_6/infra/ 632 KB
107 KB 69ms
22ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/29_7_6/infra/cmTagWIDGET_ITEM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 2d1c4dad4a965524e5be23317adaf2000ffa36bf77d0c53047a871efe33f80f7

Request headers

Origin: https://www.tvnz.co.nz
Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:39 GMT
via: 1.1 varnish
age: 241493
x-amz-meta-mtime: 1621935320
x-cache: HIT
x-amz-meta-ctime: 1621935321
x-amz-meta-mode: 33188
content-encoding: br
content-length: 109136
x-amz-id-2: MpbiQUW3x/m2ZzHQKykOddreLBt1thnhmaN+2r49LF0wxfYcwslZ2SWkhB0HOLOaGQwRQiz8IGM=
x-served-by: cache-hhn11529-HHN
accept-ranges: bytes
last-modified: Tue, 25 May 2021 09:35:22 GMT
server: AmazonS3-br
x-timer: S1622178340.552699,VS0,VE0
etag: "cb13668ea306d318d0931bb54ba3a91c"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: VMSRJCE7S93VFKB9
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 57247

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/29_7_6/assets/css/ 60 KB
8 KB 22ms
22ms Stylesheet
text/css 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/29_7_6/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.4.3/UnitWidgetItemDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 6b514da2aed798bb9c409b346194c0e2b38edfd554f412e4af2717892f5300ff

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:39 GMT
via: 1.1 varnish
age: 241494
x-amz-meta-mtime: 1621935370
x-cache: HIT
x-amz-meta-ctime: 1621935370
x-amz-meta-mode: 33188
content-encoding: br
content-length: 7948
x-amz-id-2: tBKCPUKfLrkpvZ8UAEK6bbeDa3fuQ0qlHeh7hqWOu76wmX6YXc4eu8YKjEojpC/m/oCi7nxDvyA=
x-served-by: cache-hhn11567-HHN
accept-ranges: bytes
last-modified: Tue, 25 May 2021 09:36:11 GMT
server: AmazonS3-br
x-timer: S1622178340.509549,VS0,VE0
etag: "ab667f7a75f0ca28449b3d4701aa479a"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: Z55ZXD4K5T6AQ4AM
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-headers: *
x-cache-hits: 565134

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D2A5 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 26 May 2021 22:24:35 GMT
expires: Thu, 26 May 2022 22:24:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 110464
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame DC57 0
23 B 67ms
36ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 05:05:39 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js Show response
pagead2.googlesyndication.com/bg/ Frame D2A5 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2jYUGrzVrWStLDq2CZ0zOcRL9FYonM4iQ_vCp8HlGuk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 19:38:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5712
x-xss-protection: 0
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 27 May 2022 19:38:04 GMT

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/3.2.2/ 59 KB
17 KB 27ms
22ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/3.2.2/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:39 GMT
via: 1.1 34f50889bc574f1edeb41dd758962a5b.cloudfront.net (CloudFront), 1.1 varnish
age: 4334605
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 17509
x-served-by: cache-hhn11567-HHN
last-modified: Thu, 21 Jan 2021 11:30:56 GMT
server: AmazonS3
x-timer: S1622178340.698540,VS0,VE0
etag: "f237b8d35060f133ac8c595fd1234e1c"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: RuZTYf9ZWA96SQeo8HHRHLcCv200QVgjNg5SQ7cxYBxr9Ka4rjgQ-w==
x-cache-hits: 5448409

POST
H2 204 bulk Show response
trc.taboola.com/tvnz-onn/log/3/ 0
264 B 81ms
80ms XHR
image/gif 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/tvnz-onn/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=2
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 58
pragma: no-cache
date: Fri, 28 May 2021 05:05:39 GMT
via: 1.1 varnish
server: nginx
x-timer: S1622178340.717226,VS0,VE58
x-served-by: cache-hhn11567-HHN
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
706 B 26ms
25ms Image
image/png 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 19805
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: 3fxKGKGG7x9smUgGRZY3/0rYOUUaxLooyKppUJbwjC3F0De0S2w7jAiA03CoGdM8qf9YzUtHXMg=
x-served-by: cache-hhn11567-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1622178340.717287,VS0,VE0
date: Fri, 28 May 2021 05:05:39 GMT
x-amz-request-id: BZA2MM8GAVQZA74K
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 14
x-cache-hits: 7301

GET
H2 200 content14_10_18m.js Show response
vidstat.taboola.com/ 37 KB
8 KB 22ms
22ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content14_10_18m.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:39 GMT
via: 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront), 1.1 varnish
age: 4269983
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 7638
x-served-by: cache-hhn11567-HHN
last-modified: Sun, 14 Oct 2018 13:31:31 GMT
server: AmazonS3
x-timer: S1622178340.788611,VS0,VE0
etag: "d8d81221ec6e604811ce469d899c9c8b"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: omj5vaGwuVO0u1DUElZ04p0xjblvLHfKzDESlIUndnM3CZOy52LCcg==
x-cache-hits: 5669371

GET
H2 200 oppsula.js Show response
vidstat.taboola.com/oppsula/1.3.8/ 15 KB
5 KB 22ms
21ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/oppsula/1.3.8/oppsula.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:39 GMT
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront), 1.1 varnish
age: 710424
x-cache: Hit from cloudfront, HIT
content-encoding: gzip
content-length: 5164
x-served-by: cache-hhn11567-HHN
last-modified: Tue, 14 Apr 2020 06:07:12 GMT
server: AmazonS3
x-timer: S1622178340.792178,VS0,VE0
etag: "328b70146f77a19d2bc0172c656d921e"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: lPQFsqf0nZLR-sUE0z1njrtekjTLqt2Lo-aYOy_1dO35KqhyHxTDoA==
x-cache-hits: 1845339

GET
H2 200 video-autoplay-detector.js Show response
vidstat.taboola.com/video-autoplay-detector/1.0.0/ 8 KB
2 KB 22ms
22ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/video-autoplay-detector/1.0.0/video-autoplay-detector.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:39 GMT
via: 1.1 eab88762658052b4a1e386f8521a38cf.cloudfront.net (CloudFront), 1.1 varnish
age: 3100325
x-cache: Miss from cloudfront, HIT
content-encoding: gzip
content-length: 2210
x-served-by: cache-hhn11567-HHN
last-modified: Mon, 10 Jun 2019 11:55:53 GMT
server: AmazonS3
x-timer: S1622178340.792336,VS0,VE0
etag: "2fac39530c1c168282a35d1ab56450ed"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: duXZV0i4ZSVC1-tAr6cZHFunN-GB24YQyZTOQIqiUhVHBP_fxBkvMQ==
x-cache-hits: 4705314

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v12.3.3/ 548 KB
112 KB 24ms
24ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v12.3.3/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 48015da42a52ae4a114664f6a01d18f23d2240ced0d0a61752c742afbffd6196

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:39 GMT
via: 1.1 varnish
age: 504215
x-amz-meta-mtime: 1621674044
x-cache: HIT
x-amz-meta-ctime: 1621674057
x-amz-meta-mode: 33188
content-encoding: br
content-length: 114610
x-amz-id-2: dJ75tfTo9b06jeYQ8GMzYxJ2sKi6trhRqh7woaR27FsNr09NyMXPwg8eicCDG0UzPyJAjkz2gw0=
x-served-by: cache-hhn11567-HHN
accept-ranges: bytes
last-modified: Sat, 22 May 2021 09:00:58 GMT
server: AmazonS3-br
x-timer: S1622178340.834800,VS0,VE0
etag: "b7473e547ce104275d896a4eff4f5e2e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-request-id: VK05WFD3CC4YQRVC
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-headers: *
x-cache-hits: 1230843

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 3095 945 B
1 KB 27ms
19ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/29_7_6/infra/cmTagWIDGET_ITEM.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 7327ccc438fc485cdbd506450b53246974166453a420e9d379529e25cf490d23

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tvnz.co.nz/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=7e4ae54e-7461-4fff-b735-f5743c42e994-tuct7a9ffa3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.tvnz.co.nz/

Response headers

server: nginx
date: Fri, 28 May 2021 05:05:39 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

GET
BLOB 206
Partial Content 72f71e8f-a5a5-4f44-a240-598b1e9b7a4d
https://www.tvnz.co.nz/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvnz.co.nz/72f71e8f-a5a5-4f44-a240-598b1e9b7a4d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content cf1c56b0-ec84-43c5-bb51-9e942190d725
https://www.tvnz.co.nz/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tvnz.co.nz/cf1c56b0-ec84-43c5-bb51-9e942190d725
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=540790701&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTI0ZTViMWItZDU2MC02OGRlLTVlNTItNDI0MDQ2ODQ4MjIz

0
0

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=541033703&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

0
0

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=542513073&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

0
0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 3095 70 B
264 B 66ms
57ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 sync Show response
pixel.advertising.com/ups/58166/ Frame 3095 0
124 B 60ms
58ms Script
text/plain 52.28.254.214
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pixel.advertising.com/ups/58166/sync?gdpr=1&uid=&_origin=1&us_privacy=1---&redir=true

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.254.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-254-214.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:40 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 sync
x.bidswitch.net/ Frame 3095 43 B
145 B 60ms
57ms Image
image/gif 52.59.128.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.59.128.17 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-128-17.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 4BEA
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

30ms
25ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 May 2021 05:05:40 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Fri, 28 May 2021 05:05:40 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

Cookie set usermatch Show response
ssum.casalemedia.com/ Frame F0DC
Redirect Chain

https://ssum.casalemedia.com/usermatch?gdpr=1&s=183756&us_privacy=1---&cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26u...
https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr...

2 KB
3 KB

37ms
36ms

Document
text/html

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&excid=22&docw=0&cijs=1&nlb=true
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1482489920c1d5d3aa169f3b42fc069c2dc11fbf515073cb9cdeaeb6e6896e1

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://am-match.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YLB6JGdlRb2zn-ngUEz1ewAA; CMPS=1128
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://am-match.taboola.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 45|241|39|230|218|8|221|5
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1767
Expires: Fri, 28 May 2021 05:05:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 28 May 2021 05:05:40 GMT
Connection: keep-alive
Set-Cookie: CMID=YLB6JGdlRb2zn-ngUEz1ewAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 May 2022 05:05:40 GMT CMPS=1128;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 26 Aug 2021 05:05:40 GMT CMPRO=1114;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 26 Aug 2021 05:05:40 GMT CMRUM3=0860b07a2405a00&2760b07a240b40&dd60b07a242760&0560b07a2405a0&e660b07a242760&da60b07a242760&2d60b07a2405a0&f160b07a2405a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 May 2022 05:05:40 GMT CMST=YLB6JGCweiQA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 29 May 2021 05:05:40 GMT

Redirect headers

Server: Apache
Content-Length: 428
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Fri, 28 May 2021 05:05:40 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 28 May 2021 05:05:40 GMT
Connection: keep-alive
Set-Cookie: CMID=YLB6JGdlRb2zn-ngUEz1ewAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 28 May 2022 05:05:40 GMT CMPS=1128;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 26 Aug 2021 05:05:40 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D2A5 0
20 B 55ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4rh8InqwYMHZNM2KjuwPgp2pyAUAAAAAOAHgBAI&bg=!JySlJGDNAAaMan2LjGo7ACkAdvg8Wte09gBUqUksgkxAvY5JGHpNn-IyU0SaRLVHBu5K-hx0LVclbgIAAAJ5UgAAAA9oAQcKADFta4T49q3m4uyzZW-9U8lUEU2uml-ITAcDyTKsMPn1_c2lyl_OpJt1ouua_quotdfdmQKSUPs2wpsbRvvtYiiI5M4aDmiX_-Nwa1DwVfwXJfzYIaylKo61nmB248F6laf_TXxV6fZ4GWQxDtAUFUtnh3y_WWg62JcI6bRGySWs_hI0oEzjWCF0EYHRTUMg32SyTvCjiaFJLHjiT1Tw8_SQs5EqIkkWBmViJz4IZSUDho9w7dvotehTLDgYX9lJI0zMPFZm5zPrnPQBs3KKZgWLikwiJ0OjOaJAvzV6ImbJGlhSceSPFfuxViXB9cr2aXzZKhurGptQikm-dHYjgZPwgP-BSsXHBQOC61cm-EBkM-bctZgiLV84P9y0EYwhib9N1mCbkpse7I4yTro2FhgKBY2zCVC7bBQA8skMI2_dkRebIlUEUpJHJfHLH--8KzVrdPNheSl9NMtVMeVRERWI8qEVHnMLIZbZncO0MWHYtkrVmPPCeK2jLCRbN90NV8Uy4cWVNL_brwZqHN8COGHodRMpzUldzALvU812RifkWE7UxLS0y15mDmNXVe7bFXvMES4A-_UT2S0t_a485nnXLDiMLdc3LJ2VlQxzU7S-CYHACgi3CNezC3tB9rOeKmfVlKOK3EC4Fbed-onLvJ8mbExgLk2-Y1cyI6HTJBASjXzV6vbkgaGh0xFseR8jH0DTcD95DXkyx6mgHYL-W_woIUzJx2whtat689C9eH3XNnzSy3RcIsyJQ_Ipg8WbpInsvgNIreFgpUfOdDzOmBLAzUR7caWMlBjQvQRRsXletfcFrcrbjxMUNs-vggMyuxSiooRSVYZAk1HTzkoi1lMqg2hhKncyTUqsPfquuK9FW2dAWYxVK_-i4Tv4In7yYKNC0KHU_iBFPuozor_ai8sMEIbT8DEfJE0h6U9bYJCvY77IzRk4CA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4BEA 31 KB
9 KB 32ms
31ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7d9c4f06f0b1a90da3389b34ba0903601ed125f8cad4e90304facb3a07fc76ed

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 05:05:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 May 2021 19:07:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59262
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9267
Expires: Fri, 28 May 2021 21:33:22 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 4BEA 284 B
536 B 43ms
40ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F0DC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YLB6JGdlRb2zn-ngUEz1ewAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOz_tWbyiZ71ueeLF50a76E&google_cver=1&gdpr=1

43 B
1000 B

31ms
31ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOz_tWbyiZ71ueeLF50a76E&google_cver=1&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 May 2021 05:05:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 28 May 2021 05:05:40 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEOz_tWbyiZ71ueeLF50a76E&google_cver=1&gdpr=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame F0DC
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLB6JGdlRb2zn_ngUEz1ewAABFoAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLB6JGdlRb2zn_ngUEz1ewAABFoAAAIB&dcc=t

43 B
433 B

114ms
113ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLB6JGdlRb2zn_ngUEz1ewAABFoAAAIB&dcc=t
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 May 2021 05:05:40 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 May 2021 05:05:40 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YLB6JGdlRb2zn_ngUEz1ewAABFoAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame F0DC 70 B
264 B 41ms
35ms Image
image/gif 13.248.242.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YLB6JGdlRb2zn-ngUEz1ewAA&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame F0DC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YLB6JGdlRb2zn_ngUEz1ewAABFoAAAIB&gdpr_consent=&us_privacy=&gdpr=1
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI1_9nEx6f9N6HYQXzVa77o&google_cver=1

43 B
315 B

84ms
29ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI1_9nEx6f9N6HYQXzVa77o&google_cver=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 May 2021 05:05:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 28 May 2021 05:05:40 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=1&google_gid=CAESEI1_9nEx6f9N6HYQXzVa77o&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 343
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ibs:dpid=23728&dpuuid=YLB6JGdlRb2zn-ngUEz1ewAA%261114
dpm.demdex.net/ Frame F0DC 0
0 160ms
38ms Image
application/json 52.212.101.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YLB6JGdlRb2zn-ngUEz1ewAA%261114?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.101.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-101-97.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame F0DC
Redirect Chain

https://beacon.lynx.cognitivlabs.com/ix.gif
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=50705a1c-e1a0-4a91-ac8d-69bedc0b76a0&expiration=1653714340

43 B
1 KB

33ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=50705a1c-e1a0-4a91-ac8d-69bedc0b76a0&expiration=1653714340
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 May 2021 05:05:40 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 28 May 2021 05:05:40 GMT

Redirect headers

location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=50705a1c-e1a0-4a91-ac8d-69bedc0b76a0&expiration=1653714340
date: Fri, 28 May 2021 05:05:40 GMT
server: Kestrel
content-length: 0

GET
H2

200

tpid=YLB6JGdlRb2zn-ngUEz1ewAA%261114
bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/ Frame F0DC
Redirect Chain

https://bcp.crwdcntrl.net/map/c=6725/tp=INDX/tpid=YLB6JGdlRb2zn-ngUEz1ewAA%261114?gdpr_consent=&us_privacy=&gdpr=1
https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YLB6JGdlRb2zn-ngUEz1ewAA%261114?gdpr_consent=&us_privacy=&gdpr=1

49 B
709 B

76ms
71ms

Image
image/gif

54.171.173.220
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YLB6JGdlRb2zn-ngUEz1ewAA%261114?gdpr_consent=&us_privacy=&gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.173.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-173-220.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.6.173
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=6725/tp=INDX/tpid=YLB6JGdlRb2zn-ngUEz1ewAA%261114?gdpr_consent=&us_privacy=&gdpr=1
cache-control: no-cache
x-server: 10.45.4.215
content-length: 0
expires: 0

GET
H2 200 ix
ad4m.at/ad/sim/ Frame F0DC 0
0 51ms
19ms Image
text/html 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad4m.at/ad/sim/ix?gdpr=1
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 /
sync.taboola.com/sg/casale-network/1/rtb-h/ Frame F0DC 0
94 B 30ms
20ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/casale-network/1/rtb-h/?gdpr=1&taboola_hm=YLB6JGdlRb2zn_ngUEz1ewAABFoAAAIB&orig=video&us_privacy=1---
Requested by: Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fcasale-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26taboola_hm%3D%5Bpartner_user_id%5D%26orig%3Dvideo%26us_privacy%3D1---&gdpr=1&s=183756&us_privacy=1---&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.57:10213
date: Fri, 28 May 2021 05:05:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 3943

GET
H2

200

av Show response
taboola-d.openx.net/v/1.0/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=540790701&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---

48 B
332 B

30ms
29ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 28 May 2021 05:05:40 GMT
via: 1.1 google
server: OXGW/16.207.0
location: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2

200

av Show response
taboola-d.openx.net/v/1.0/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=542513073&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---

48 B
239 B

32ms
32ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 28 May 2021 05:05:40 GMT
via: 1.1 google
server: OXGW/16.207.0
location: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2

200

av Show response
taboola-d.openx.net/v/1.0/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=541033703&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---

48 B
247 B

29ms
29ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 28 May 2021 05:05:40 GMT
via: 1.1 google
server: OXGW/16.207.0
location: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame CAF4
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=

281 B
554 B

26ms
25ms

Document
text/html

104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66289005&crid=5242975&dast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&cmcv=&pix=undefined&cb=1622178339008&uv=2976&tms=1622178339008&abt=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vA!ufm&ft=0&unm=WIDGET_ITEM&aure=false&agl=1&cirid=1AEDBEE5EB517885031583712313&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://imprammp.taboola.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://imprammp.taboola.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 28 May 2021 05:05:40 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Date: Fri, 28 May 2021 05:05:40 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 200 gn
secure-nz.imrworldwide.com/cgi-bin/ 44 B
529 B 38ms
37ms Image
image/gif 52.212.68.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-nz.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=nz-404464&ch=nz-404464_c04_0&sessionId=gzpujnksaazsfztsjvln5kiaxpnek1622178337&asn=0&prv=1&c6=vc,c04&ca=NA&c13=asid,NA&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,v60Bsdk&sup=0&segment2=&segment1=&forward=1&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16221783376925314&c30=bldv,6.0.0.594&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&devtypid=&pc=NA&si=https%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&c73=phtype,&c74=dvcnm,&uoo=&c62=sendTime,1622178339&rnd=144558
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.68.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-68-88.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-nz.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DC57 42 B
64 B 55ms
41ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUk_gmY5gutag2irp46mJfi1PikzS-M7audKqOydxkjcENuG5QtVxBKKZ6Z_i_A8fnpEiIyP7mSP4iHyxLagFcTSrjW7J13VLwqhxc1361LduCAZBiQJ1q_PIOnA&sai=AMfl-YSqypoVkW-e60xnUlFLDcfDIWcJx046eJYxET2o6lQbDHpqYkbK8eGJ9oJ-oEh7A6EkSQCZssiKxqKU8LBwNj4nqgri9JqxwdKWYQjR64CicUe--f3SO9onG9Xe&sig=Cg0ArKJSzIWX7wIZ43sMEAE&cid=CAASPeRoBwQ8SrbCweRtgHIR6FRyd1lfy6GMLEZ9LeUZypQ2DEOQY9JVilwaJa3KgGDuoKz2UgIdDwvu5l2NDMc&id=lidar2&mcvt=1010&p=269,1093,873,1393&mtos=0,1010,1010,1010,1010&tos=0,1010,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&app=0&itpl=20&adk=1034387422&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622178338835&dlt=10&rpt=670&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

rtb-h
match.taboola.com/sg/mediaforcebidder-network/1/ Frame A5A7
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=taboola
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=taboola
https://sync.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=33d150ac-28b8-4296-b5f8-38734fe47aa0
https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=33d150ac-28b8-4296-b5f8-38734fe47aa0&tbid=7e4ae54e-7461-4fff-b735-f5743c42e994-tuct7a9ffa3&query=taboola_hm%3D33d150ac-28b8-...

0
76 B

35ms
33ms

Image
text/plain

151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=33d150ac-28b8-4296-b5f8-38734fe47aa0&tbid=7e4ae54e-7461-4fff-b735-f5743c42e994-tuct7a9ffa3&query=taboola_hm%3D33d150ac-28b8-4296-b5f8-38734fe47aa0&isDirect=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1622178341.810924,VS0,VE9
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19158-FRA

Redirect headers

location: https://match.taboola.com/sg/mediaforcebidder-network/1/rtb-h?taboola_hm=33d150ac-28b8-4296-b5f8-38734fe47aa0&tbid=7e4ae54e-7461-4fff-b735-f5743c42e994-tuct7a9ffa3&query=taboola_hm%3D33d150ac-28b8-4296-b5f8-38734fe47aa0&isDirect=0
tbl-x-upstream: 10.41.10.104:10213
date: Fri, 28 May 2021 05:05:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 3947

GET
H2 200 sd
u.openx.net/w/1.0/ Frame A5A7 0
0 33ms
26ms Image
text/xml 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/sd?id=543998486&val=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame A5A7 0
239 B 125ms
31ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=16698
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H2

200

rtb-h
sync.taboola.com/sg/betweenxrtb-network/1/ Frame A5A7
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D
https://ads.betweendigital.com/match?bidder_id=43957&callback_url=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fbetweenxrtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24%7BUSER_ID%7D&crf=1
https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=e594921b-4afb-5294-aa02-dcf1cab2a6d5

0
226 B

19ms
19ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=e594921b-4afb-5294-aa02-dcf1cab2a6d5
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.57:10213
date: Fri, 28 May 2021 05:05:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 3947

Redirect headers

location: https://sync.taboola.com/sg/betweenxrtb-network/1/rtb-h?taboola_hm=e594921b-4afb-5294-aa02-dcf1cab2a6d5
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 101956
jadserve.postrelease.com/suid/ Frame A5A7 43 B
427 B 313ms
101ms Image
image/gif 3.215.93.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/suid/101956?ntv_r=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fnativortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3DNTV_USER_ID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.215.93.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-215-93-225.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2

204

/
sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/ Frame A5A7
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562107&ev=1&rurl=https%3A%2F%2Fsync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=%%VGUID%%&orig=trc
https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0dUUFRfKJpt6&ev=1&orig=trc&pid=562107

0
217 B

20ms
20ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0dUUFRfKJpt6&ev=1&orig=trc&pid=562107
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.22.84:10213
date: Fri, 28 May 2021 05:05:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 8557

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: en-US
location: https://sync.taboola.com/sg/pulsepointrtb-network/1/rtb-h/?taboola_hm=0dUUFRfKJpt6&ev=1&orig=trc&pid=562107
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-555c8fd69d-d2f5v
expires: -1

GET
H/1.1 200
OK getuidnb
ib.adnxs.com/ Frame A5A7 43 B
695 B 21ms
19ms Image
image/gif 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/getuidnb?https://sync.taboola.com/sg/appnexus-network/1/rtb-h/?taboola_hm=$UID&orig=trc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 May 2021 05:05:40 GMT
X-Proxy-Origin: 82.102.19.132; 82.102.19.132; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.43:80
AN-X-Request-Uuid: fe4f82a4-309f-43bb-8261-c9999352aa95
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
trc.taboola.com/sg/google-network/1/rtb-h/ Frame A5A7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_cm&google_sc
https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESECldPSXfFuvu89GAGsbYYgU&google_cver=1

0
230 B

78ms
78ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESECldPSXfFuvu89GAGsbYYgU&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 56
date: Fri, 28 May 2021 05:05:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1622178341.686650,VS0,VE56
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11567-HHN

Redirect headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://trc.taboola.com/sg/google-network/1/rtb-h/?taboola_hm=CAESECldPSXfFuvu89GAGsbYYgU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 304
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame A5A7 42 B
546 B 85ms
25ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2:$UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:40 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug017:0:492
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame A5A7
Redirect Chain

https://sync.taboola.com/sg/google-network/1/rtb?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dtaboola_dbm%26google_sc%26gdpr%3D0%26gdpr_consent%3D&orig=trc
https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7e4ae54e-7461-4fff-b735-f5743c42e994-tuct7a9ffa3

170 B
188 B

34ms
34ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7e4ae54e-7461-4fff-b735-f5743c42e994-tuct7a9ffa3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=taboola_dbm&google_sc&gdpr=0&gdpr_consent=&google_hm=7e4ae54e-7461-4fff-b735-f5743c42e994-tuct7a9ffa3
tbl-x-upstream: 10.41.10.104:10213
date: Fri, 28 May 2021 05:05:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 3940

GET
H2

200

/
trc.taboola.com/sg/thetradedesk-network/1/rtb-h/ Frame A5A7
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=054f32o&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=054f32o&ttd_tpi=1
https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=166059d1-49a2-470e-bce2-b1e8b1a1882c

0
60 B

81ms
80ms

Image
text/plain

199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=166059d1-49a2-470e-bce2-b1e8b1a1882c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 59
date: Fri, 28 May 2021 05:05:40 GMT
via: 1.1 varnish
server: nginx
x-timer: S1622178341.731698,VS0,VE59
x-cache: MISS
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn11567-HHN

Redirect headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://trc.taboola.com/sg/thetradedesk-network/1/rtb-h/?taboola_hm=166059d1-49a2-470e-bce2-b1e8b1a1882c
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 239

GET
H/1.1

204
No Content

merge
ce.lijit.com/ Frame A5A7
Redirect Chain

https://ce.lijit.com/merge?pid=42&3pid=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&us_privacy=&gdpr=0&gdpr_consent=
https://ce.lijit.com/merge?pid=42&3pid=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&us_privacy=&gdpr=0&gdpr_consent=&dnr=1

0
433 B

23ms
22ms

Image
text/plain

216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=42&3pid=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 May 2021 05:05:40 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 May 2021 05:05:40 GMT
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Location: https://ce.lijit.com/merge?pid=42&3pid=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&us_privacy=&gdpr=0&gdpr_consent=&dnr=1
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
Content-Length: 0
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 rtset
bh.contextweb.com/bh/ Frame A5A7 49 B
406 B 283ms
99ms Image
image/gif 198.148.27.139
PULSEPOINT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bh.contextweb.com/bh/rtset?do=add&pid=553204&ev=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

198.148.27.139 New York, United States, ASN19189 (PULSEPOINT, US),

Reverse DNS

Software

Jetty(9.4.14.v20181114) /

Resource Hash

d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
content-language: en-US
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control: private, max-age=0, no-cache, no-store
content-type: image/gif;charset=iso-8859-1
cw-server: bh-deployment-555c8fd69d-mljl9
expires: -1

GET
H/1.1 200
OK /
rtb-csync.smartadserver.com/redir/ Frame A5A7 43 B
697 B 87ms
26ms Image
image/gif 185.86.137.132
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=107&partneruserid=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.132 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:40 GMT
cache-control: no-cache,no-store
content-type: image/gif
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2 204 put
e1.emxdgt.com/ Frame A5A7 0
59 B 126ms
25ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d41&uid=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:39 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame A5A7
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=29&p=282&cp=taboolaortb&cu=1&url=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fcriteortb-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D%40%40CRITEO_USERID%40%40
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3c473ca6-a2c9-49cf-a784-7ad1ba3cef82

0
227 B

19ms
19ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3c473ca6-a2c9-49cf-a784-7ad1ba3cef82
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.12.133:10213
date: Fri, 28 May 2021 05:05:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 3966

Redirect headers

pragma: no-cache
x-errorlevel: 0
server: Microsoft-IIS/10.0
date: Fri, 28 May 2021 05:05:40 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=3c473ca6-a2c9-49cf-a784-7ad1ba3cef82
cache-control: no-cache
server-processing-duration-in-ticks: 3065
content-type: text/html; charset=utf-8
content-length: 222
expires: Fri, 28 May 2021 00:00:00 GMT

GET
H/1.1

200

18.gif
id5-sync.com/qp/ Frame A5A7
Redirect Chain

https://id5-sync.com/s/464/9.gif?puid=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fsync.taboola.com%2Fsg%2Fid5-network%2F1%2Frtb-h%2F%3Ftaboola_hm%3D...
https://id5-sync.com/c/464/464/7/1.gif?puid=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&gdpr=1&gdpr_consent=
https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOabEG5KgWi_ZUjZgGb-HJJtWLxRW2TtP64UP7NA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fpuid%3D...
https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOabEG5KgWi_ZUjZgGb-HJJtWLxRW2TtP64UP7NA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F464%2F124%2F6%2F2.gif%3Fp...
https://id5-sync.com/cq/464/124/6/2.gif?puid=f3784fcb-1f74-4941-bd97-86f8f4ee48fb&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&domid=1033
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm=&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&dom...
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESELGPLKdLRcz9HLiU47ytxh4&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0Rv...
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcookie-matching.mediarithmics.com%2Finput%3Fkey%3DAPX%26apx_uid%3D%24UID%26opid%3Dapx%26ops%3D%26utidl%3Dtech%3Agoo%3ACAESELGPLKdLRcz9HLiU47ytx...
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7616681636554558723&opid=apx&ops=&utidl=tech:goo:CAESELGPLKdLRcz9HLiU47ytxh4&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0a...
https://id5-sync.com/qp/18.gif?puid=vec%3A17734611330&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

43 B
1 KB

23ms
22ms

Image
image/gif

51.89.21.21
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/qp/18.gif?puid=vec%3A17734611330&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.89.21.21 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

p13.id5-sync.com

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 05:05:36 GMT
Transfer-Encoding: chunked
Content-Type: image/gif;charset=UTF-8
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
P3P: CP="CAO PSA OUR"

Redirect headers

location: https://id5-sync.com/qp/18.gif?puid=vec%3A17734611330&sd=Y2FzY2FkZXNSZW1haW5pbmc9NSZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NjQmZm9ybWF0PWdpZiY
date: Fri, 28 May 2021 05:05:41 GMT
content-length: 0
strict-transport-security: max-age=63072000;includeSubDomains;preload

GET
H2

204

rtb-h
sync.taboola.com/sg/appierrtb-network/1/ Frame A5A7
Redirect Chain

https://s.c.appier.net/taboola
https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Xt7ZVkr9A8uh_qNFJXqwYA

0
217 B

19ms
19ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Xt7ZVkr9A8uh_qNFJXqwYA
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.14.95:10213
date: Fri, 28 May 2021 05:05:41 GMT
server: nginx
x-fastly-to-nlb-rtt: 7980

Redirect headers

location: https://sync.taboola.com/sg/appierrtb-network/1/rtb-h?taboola_hm=Xt7ZVkr9A8uh_qNFJXqwYA
date: Fri, 28 May 2021 05:05:41 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 110
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H/1.1 200
OK cookiesync
bttrack.com/pixel/ Frame A5A7 35 B
380 B 391ms
95ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/pixel/cookiesync?source=14b8c562-d12b-418b-b680-ad517d5839ec
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Fri, 28 May 2021 05:05:39 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H2

200

rtb-h
sync-t1.taboola.com/sg/bidswitch-network/1/ Frame A5A7
Redirect Chain

https://x.bidswitch.net/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=taboola&gdpr=0&gdpr_consent=
https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=taboola
https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=f4e7707e-ef92-4e34-9b04-566db8ab22d2&ssp=taboola
https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6f1bd355-c4ca-45d7-a8d1-387bae3a0a73

0
227 B

20ms
20ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6f1bd355-c4ca-45d7-a8d1-387bae3a0a73
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

tbl-x-upstream: 10.41.10.199:10213
date: Fri, 28 May 2021 05:05:40 GMT
server: nginx
x-fastly-to-nlb-rtt: 9217

Redirect headers

location: //sync-t1.taboola.com/sg/bidswitch-network/1/rtb-h?taboola_hm=6f1bd355-c4ca-45d7-a8d1-387bae3a0a73
date: Fri, 28 May 2021 05:05:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 cds.js Show response
cdn.taboola.com/scripts/ 3 KB
1 KB 22ms
21ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qAC_83v.ruQxT.EBjAF212Y3Xw1cEshk
content-encoding: gzip
etag: "fe3141b1cffc47b284c82d96b098b304"
age: 3486
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1181
x-amz-id-2: i42wDgzNjIRrbICyL56uZvk6UZlXA/ux6CF8Z618XGeUERc/82YlIPnWpu43Ye2+Lpy0hY5jQx0=
x-served-by: cache-hhn11567-HHN
last-modified: Wed, 10 Mar 2021 13:27:13 GMT
server: AmazonS3
x-timer: S1622178341.808327,VS0,VE0
date: Fri, 28 May 2021 05:05:40 GMT
vary: Accept-Encoding
x-amz-request-id: 8G72GPESSN3T79N7
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 14
x-cache-hits: 38141

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame CAF4 31 KB
9 KB 29ms
28ms Script
text/html 104.111.230.142
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.230.142 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-230-142.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7d9c4f06f0b1a90da3389b34ba0903601ed125f8cad4e90304facb3a07fc76ed

Request headers

Referer: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 05:05:40 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 May 2021 19:07:56 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59262
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9267
Expires: Fri, 28 May 2021 21:33:22 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame CAF4 284 B
536 B 34ms
33ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&p=15414&us_privacy=1---&endpoint=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H2 200 / Show response
t1.taboola.com/ 2 B
177 B 345ms
113ms XHR
text/html 141.226.124.206
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.taboola.com/
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.206 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 340792a7a42feffabbddc144fe4059013ff8af265ca9c3337933e0b633569367

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:41 GMT
last-modified: Sun, 24 Jan 2021 15:03:23 GMT
server: nginx
etag: "600d8c3b-2"
content-type: text/html
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t2.taboola.com/ 2 B
177 B 362ms
113ms XHR
text/html 141.226.124.197
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t2.taboola.com/
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.197 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: c97550ce8213ef5cf6ed4ba48790c137df3ef6a5da20b48961001a634b6cead2

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:41 GMT
last-modified: Sun, 24 Jan 2021 15:03:16 GMT
server: nginx
etag: "600d8c34-2"
content-type: text/html
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t3.taboola.com/ 2 B
177 B 345ms
114ms XHR
text/html 141.226.124.240
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t3.taboola.com/
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.240 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 624b60c58c9d8bfb6ff1886c2fd605d2adeb6ea4da576068201b6c6958ce93f4

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:41 GMT
last-modified: Thu, 21 Jan 2021 15:59:33 GMT
server: nginx
etag: "6009a4e5-2"
content-type: text/html
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t4.taboola.com/ 2 B
176 B 368ms
113ms XHR
text/html 141.226.124.221
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t4.taboola.com/
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.221 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:41 GMT
last-modified: Sun, 24 Jan 2021 15:03:16 GMT
server: nginx
etag: "600d8c34-2"
content-type: text/html
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t5.taboola.com/ 2 B
177 B 352ms
113ms XHR
text/html 141.226.124.239
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t5.taboola.com/
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.239 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 38636d685374771224f4f6d6b0306f69492eec9f87654eed0c5250fb6d2ceb5b

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:41 GMT
last-modified: Sun, 24 Jan 2021 15:03:17 GMT
server: nginx
etag: "600d8c35-2"
content-type: text/html
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t6.taboola.com/ 2 B
177 B 353ms
112ms XHR
text/html 141.226.124.229
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t6.taboola.com/
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.229 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: b7a56873cd771f2c446d369b649430b65a756ba278ff97ec81bb6f55b2e73569

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:41 GMT
last-modified: Sun, 24 Jan 2021 15:03:16 GMT
server: nginx
etag: "600d8c34-2"
content-type: text/html
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t7.taboola.com/ 2 B
177 B 342ms
112ms XHR
text/html 141.226.124.221
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t7.taboola.com/
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.221 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:41 GMT
last-modified: Sun, 24 Jan 2021 15:03:16 GMT
server: nginx
etag: "600d8c34-2"
content-type: text/html
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
t8.taboola.com/ 2 B
176 B 366ms
113ms XHR
text/html 141.226.124.206
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://t8.taboola.com/
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.206 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 340792a7a42feffabbddc144fe4059013ff8af265ca9c3337933e0b633569367

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:41 GMT
last-modified: Sun, 24 Jan 2021 15:03:23 GMT
server: nginx
etag: "600d8c3b-2"
content-type: text/html
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-store
accept-ranges: bytes
content-length: 2

GET
H2 200 / Show response
pips.taboola.com/ 4 B
122 B 25ms
21ms XHR
text/plain 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 05:05:40 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-hhn11529-HHN
access-control-allow-methods: GET
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 279ms
92ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=cdd85d28-2107-44d2-be18-b8aa13d99bad-tuct7a9ffa2&dnid=0e05301d2f251d0e
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 28 May 2021 05:05:41 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/14/ 85 KB
31 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?sensor=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 17:38:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:04 GMT
server: sffe
age: 41227
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31670
x-xss-protection: 0
expires: Fri, 27 May 2022 17:38:35 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/44/14/ 280 KB
86 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/44/14/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?sensor=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 20:30:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 11 May 2021 18:12:04 GMT
server: sffe
age: 30940
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87588
x-xss-protection: 0
expires: Fri, 27 May 2022 20:30:02 GMT

GET
H3-29 200 AuthenticationService.Authenticate Show response
maps.googleapis.com/maps/api/js/ 62 B
83 B 24ms
23ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js/AuthenticationService.Authenticate?1shttps%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&5shttps%3A%2F%2Fwww.tvnz.co.nz%2Fone-news%2Fnew-zealand%2Fautomated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information&callback=_xdc_._gx35c7&token=95682

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/common.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

7b633c337b6117f13041e204d9dd542477becc345b6948666ee90e1a7dff6d6f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:42 GMT
content-encoding: gzip
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, must-revalidate
content-disposition: attachment
server-timing: gfet4t7; dur=2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 10 KB
5 KB 119ms
119ms XHR
application/json 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=581&height=326&pubid=169497&tagid=953497&crid=5242975&noaop=3&sortOrderType=0&cb=1622178344290&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1233&pt=-1454669387&tz=120&viewable=true&ddast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1657145&dpubid=321195&abtst=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vA!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.tvnz.co.nz&en=1
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d02be31023cf8459a18bab4f52110bc64332b1c8e269a22eb13d2e339dc6b005

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

date: Fri, 28 May 2021 05:05:44 GMT
content-encoding: gzip
access-control-allow-origin: https://www.tvnz.co.nz
machineid: 1421
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra19158-FRA
pragma: no-cache
server: nginx
x-timer: S1622178344.300095,VS0,VE95
vary: Accept-Encoding
content-type: application/json;charset=utf-8
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
link: <http://taboola-d.openx.net>; rel=preconnect,<http://taboola-d.openx.net>; rel=preconnect,<https://taboola-d.openx.net>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=540790701&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

0
0

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=541033703&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

0
0

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=542513073&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

0
0

GET
H2

200

av Show response
taboola-d.openx.net/v/1.0/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=540790701&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---

48 B
249 B

29ms
29ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:44 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 28 May 2021 05:05:44 GMT
via: 1.1 google
server: OXGW/16.207.0
location: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2

200

av Show response
taboola-d.openx.net/v/1.0/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=541033703&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---

48 B
240 B

33ms
33ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:44 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 28 May 2021 05:05:44 GMT
via: 1.1 google
server: OXGW/16.207.0
location: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2

200

av Show response
taboola-d.openx.net/v/1.0/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=542513073&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---

48 B
248 B

30ms
30ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:44 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 28 May 2021 05:05:44 GMT
via: 1.1 google
server: OXGW/16.207.0
location: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 200 OpportunityServlet Show response
am-vid-events.taboola.com/ 1 B
121 B 99ms
58ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.tvnz.co.nz
date: Fri, 28 May 2021 05:05:45 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 10 KB
5 KB 111ms
110ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=581&height=326&pubid=169497&tagid=953497&crid=5242975&noaop=3&sortOrderType=0&cb=1622178349293&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1233&pt=-1454669387&tz=120&viewable=true&ddast=V7MDICFgOS-wMCI0Ic6wSS-wMCI0Ic6wUAAAAGBuIHHLFgkSgsFmtFYS12w-FqsFmshpvdYrJZbIbAEQsWicJisVYU1mI3HK4Gk8lgtpgtlsvdcgohwjL7fW8F5fT0mF1uUdH1ttgdTrPnrbc8fU67w-yGQEQ0nQ6f616v-_3uotvdetf47XLrX293ueUu3-cvd_ne0pfD7LCb_ArX6e92mF4mt-Dot7vcmo_D7daYHU635y0ymt06v9_keSv_rrfEdXorzGa36OhyviUvh9nsfOsedtNb-Xdd3oKX5fO3O8xupd3mt7wdpqffbgcAAACABwAogC-IH0AAgAgAAAAACQAAAACKgIp_C4ELAAAAAAyAg85aDQAKDoSwvOwmv93rDwCAhwIQAAABDBIAAvPVEoCMpJwTAAAAAAAAAACW_____5iB-b42GQCPo4kegAcfgAeigtUiRgAAAABSZhOER5M6obKoAgAgSLcCuAIACMiL7brQCwMAABgYW6CHxe83O-wav9tlAAAAAAAAAABm_2f_aEJNUexpQKKPXGq_gAAAa7-AAABs6gYA8CYAF3QGuJzslpPVJcxisVhslovF7AAAAADu_v____VAZjAYjkYm42SwW22cI9NgMrFZTIvhbjJzLJfDzfa2cqgNNOy0I_pChGX2-94KyunpMbvcoqLrbbE7nGbPW295-px2h9l-E7YYrSaTzXI4Wy4mg-FoOBrtTwCXA5yIwXI5mSwmu9VoNdoMd6PZYIECMZjghAxHm8lqtFvtJsvhZDSabSYbpGjVajbaDIar2WS2262Gg-FyNEKK1ixmk8liNlruNoPlZDQYToZDhBmTybgaWYZryWKwW4tGI8ta4nIM1xLjwuHYjJzLicPkFr0-pt_CObM5LFsUDBjci-AinYhud-tbb7dbxBLNySKdyC77zmAwHI1Mxslgt9o4R6bBZGKzmBbD3WTmWC6Hm33HZDKuRpbhWrIY7Nai0ciylrgcw7XEuHA4NiPncuIwuUWvj-m3cM5sDsu-MZtMFrvhZjPcN2aTyWI33GyG-w6d4bv6nI3ayULksdmW55JxMTMfFC6DxbtRrY7jz-QgLZmNTqG3tizqjH6_3-_3-_1-v99v0HoOZoPC9zz8hdPH8lwOZ6MHoyKWCE4X6UT0Mp4uYonkaZFORLbRxuXwLYcrx2JkMW08ltnMZRh5bI6VYbFweSxiidJ0kU70ervLLXf5Pn-5y_eWvhxmh93kV7hOf7fD9DK5BUe_3eXWfBxut8bscLo9b5HR7Nb5_SbPW_l3vSWu01thNrtFR5fzLXk5zGbnW_ewm97Kv-vyFrwsn7_dYXYr7Ta_5e0wPf12i_qPDTiZKwaTuWI5V2wmqwQAAAAAAAAAsIQ58yYAAAAAp8FMFovlarkAEeg9uj-zvhIOlFAru701cR3a9IApxY0fI9Dtbn3r7XYrA0Sg7zBv9kwQa7Va1gAAAALYAAAAAdy6eQ9Yg05y!&proto=2,3,5,6&encoded=1&pstn=vforce2&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&dtagid=1657145&dpubid=321195&abtst=adh5c-1_vA!insc_vA!rvf1_vB!spa2_vA!ufm_vA&mPre=0.033&cirf=https%3A%2F%2Fwww.tvnz.co.nz&en=1
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: d768804520fff8661e81de5ee7e67c86b3c70cae86699cd6e5751d760915472c

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:49 GMT
content-encoding: gzip
server: nginx
machineid: 1464
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
link: <http://taboola-d.openx.net>; rel=preconnect,<http://taboola-d.openx.net>; rel=preconnect,<https://taboola-d.openx.net>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=540790701&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGI0ZjMwZjQtNTQ4NC02YzQ5LTQ3MzctMTZjNmQwYmNlODhk

0
0

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=541033703&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDU0Mjg4MmItNWI1Yy02NzA5LTZjOGYtMzg1MTYyMjI2Mjhk

0
0

GET

pixel
cm.g.doubleclick.net/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=542513073&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

0
0

GET
H2

200

av Show response
taboola-d.openx.net/v/1.0/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=541033703&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---

48 B
248 B

30ms
30ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:49 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 28 May 2021 05:05:49 GMT
via: 1.1 google
server: OXGW/16.207.0
location: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=541033703&gdpr=1&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2

200

av Show response
taboola-d.openx.net/v/1.0/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=540790701&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---

48 B
248 B

28ms
28ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:49 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 28 May 2021 05:05:49 GMT
via: 1.1 google
server: OXGW/16.207.0
location: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=540790701&gdpr=1&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2

200

av Show response
taboola-d.openx.net/v/1.0/
Redirect Chain

https://taboola-d.openx.net/v/1.0/av?auid=542513073&gdpr=1&us_privacy=1---
https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---

48 B
239 B

32ms
32ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.207.0 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 05:05:49 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 28 May 2021 05:05:49 GMT
via: 1.1 google
server: OXGW/16.207.0
location: https://taboola-d.openx.net/v/1.0/av?cc=1&auid=542513073&gdpr=1&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.tvnz.co.nz
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

POST
H2 200 OpportunityServlet Show response
am-vid-events.taboola.com/ 1 B
120 B 42ms
42ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-vid-events.taboola.com/OpportunityServlet
Requested by: Host: www.tvnz.co.nz
URL: https://www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9

Request headers

Referer: https://www.tvnz.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

access-control-allow-origin: https://www.tvnz.co.nz
date: Fri, 28 May 2021 05:05:50 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YTI0ZTViMWItZDU2MC02OGRlLTVlNTItNDI0MDQ2ODQ4MjIz

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NGI0ZjMwZjQtNTQ4NC02YzQ5LTQ3MzctMTZjNmQwYmNlODhk

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MDU0Mjg4MmItNWI1Yy02NzA5LTZjOGYtMzg1MTYyMjI2Mjhk

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc

Verdicts & Comments Add Verdict or Comment

373 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.tvnz.co.nz/	1970-01-19 18:36:20	Name: _tb_t_ppg Value: https%3A//www.tvnz.co.nz/one-news/new-zealand/automated-phone-scam-claims-dhl-goods-you-but-all-they-really-want-your-personal-information
.imrworldwide.com/	1970-01-20 03:57:54	Name: IMRID Value: 570e1610-bf72-11eb-80e5-3bd16cb1dcc3
.imrworldwide.com/	1970-01-20 03:57:54	Name: SSCVER Value: v1
.tvnz.co.nz/	1970-01-20 03:57:54	Name: __gads Value: ID=d4b1d34d4d2fea17-2289e37729c8005b:T=1622178337:S=ALNI_MYNBZOoLYLgqSvNDJsZKqHhqQG8iw
.tvnz.co.nz/	1970-01-19 18:36:18	Name: _dc_gtm_UA-808429-47 Value: 1
.tvnz.co.nz/	1970-01-20 03:21:54	Name: ajs_anonymous_id Value: %222a001390-3ee6-4087-98c5-b53f3f98c337%22
www.tvnz.co.nz/	1970-01-19 18:36:20	Name: _tb_sess_r Value:
.tvnz.co.nz/	1970-01-19 18:36:18	Name: _gat Value: 1
.tvnz.co.nz/	1970-01-19 18:37:44	Name: _gid Value: GA1.3.482593085.1622178336
.tvnz.co.nz/	1970-01-20 12:07:30	Name: _ga Value: GA1.3.916350160.1622178336

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.tvnz.co.nz/etc/designs/news/storypage_public.min.e3bf14e50f687df6f0e25077644b1ccc.js(Line 111) Message: initial story lead videos
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210527-9-RELEASE.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - organic-thumbnails-a
console-api	warning	URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/util.js(Line 228) Message: Google Maps JavaScript API warning: NoApiKeys https://developers.google.com/maps/documentation/javascript/error-messages#no-api-keys
console-api	warning	URL: https://maps.googleapis.com/maps-api-v3/api/js/44/14/util.js(Line 228) Message: Google Maps JavaScript API warning: SensorNotRequired https://developers.google.com/maps/documentation/javascript/error-messages#sensor-not-required

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors none
X-Content-Type-Options	nosniff nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
7cd51453153f9e5431afb7d8cebd0c49.safeframe.googlesyndication.com
a.sportradarserving.com
ad4m.at
ads.betweendigital.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
api.segment.io
bam.nr-data.net
bcp.crwdcntrl.net
beacon.lynx.cognitivlabs.com
bee.imrworldwide.com
bh.contextweb.com
bttrack.com
cdn-gl.imrworldwide.com
cdn.jsdelivr.net
cdn.segment.com
cdn.taboola.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
cm.g.doubleclick.net
code.jquery.com
cookie-matching.mediarithmics.com
dis.criteo.com
dpm.demdex.net
dsum-sec.casalemedia.com
e1.emxdgt.com
eus.rubiconproject.com
fastlane.rubiconproject.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
ice.360yield.com
id5-sync.com
images.taboola.com
imprammp.taboola.com
jadserve.postrelease.com
js-agent.newrelic.com
maps.googleapis.com
match.adsrvr.org
match.taboola.com
news-image-prod-imgix.tech.tvnz.co.nz
pagead2.googlesyndication.com
pips.taboola.com
pixel.advertising.com
pixel.rubiconproject.com
platform.twitter.com
rtb-csync.smartadserver.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
s.c.appier.net
s0.2mdn.net
sb.scorecardresearch.com
script.crazyegg.com
secure-assets.rubiconproject.com
secure-gl.imrworldwide.com
secure-nz.imrworldwide.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync-t1.taboola.com
sync.search.spotxchange.com
sync.taboola.com
syndication.twitter.com
t1.taboola.com
t2.taboola.com
t3.taboola.com
t4.taboola.com
t5.taboola.com
t6.taboola.com
t7.taboola.com
t8.taboola.com
taboola-d.openx.net
token.rubiconproject.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
u.openx.net
vidstat.taboola.com
wf.taboola.com
widget.perfectmarket.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.tvnz.co.nz
x.bidswitch.net
cm.g.doubleclick.net
103.231.157.164
104.111.230.142
104.244.42.72
13.226.159.43
13.226.159.49
13.248.242.197
141.226.124.197
141.226.124.206
141.226.124.221
141.226.124.229
141.226.124.239
141.226.124.240
141.226.224.32
141.226.228.48
142.250.185.130
142.250.186.130
143.204.98.6
143.204.99.83
151.101.114.110
151.101.13.44
162.247.242.21
172.104.121.22
178.250.0.163
18.159.17.140
18.185.197.81
18.195.155.181
18.197.249.149
185.33.221.53
185.64.190.80
185.86.137.132
185.94.180.125
188.42.196.115
192.132.33.46
198.148.27.139
199.232.137.181
199.232.137.44
2.18.234.21
2.19.35.65
2001:4de0:ac18::1:a:1b
216.52.2.30
216.58.212.162
2600:9000:2156:1400:1e:a43d:b640:93a1
2600:9000:2182:a200:2:42d9:3100:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:ad1
2606:4700::6810:135e
2606:4700::6813:9408
2a00:1450:4001:809::2004
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:813::2001
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:831::2002
2a00:1450:4001:831::2006
2a00:1450:4001:831::200e
2a00:1450:400c:c0c::9b
2a04:4e42:1b::621
3.215.93.225
35.244.159.8
51.83.106.180
51.89.21.21
52.212.101.97
52.212.68.88
52.28.254.214
52.59.128.17
54.171.173.220
54.174.195.234
54.187.253.2
54.239.17.112
69.173.144.138
69.173.144.139
69.173.144.141
03cb99c415445a8ec6a250edc30509513887053f89c8338965ff01f7f2d552ca
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
07bc93663fe992c36e5bfa1b5855290f85da961b98961a58d870d0b8c759dfc5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d66d4f71e1591fda296a304e3f30b96c38643877cbafe56ade654b01d7e3879
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
13e3dfa019adc5d3a7ba144426589f45743b5e73e4c8f5135d2dc0ca4afa3e78
18344242ff477e6698f24b0211d53b9194cef9905ad67c8649e8a41ce614b415
1851d63a593ae620b7145ff833808690238d87ec5705081bdc3d0a6f4733b64a
18cf88c5ca493ca8689496899b6563ba764b9d722db230e82c89e2126b674c93
1b599c23546e51ea3380c250b1420a47f265218edb7a58562323dee909fa7ac5
1be2e948c35e67ede6d1381a2059900e0d783ff35ea6840efac25a93250b4886
1cf1ee7418456de511c383c7124e3645112e8315d88fda8ed205b6fb17c8c85d
1d89405054b0eccfd66baa763bf4781b8dff83824636284b79800ecdc25579f1
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
1e4d123c873c45c977353c0f5cf2c5b4f20ed8c75b65e048d42f528e8dd4f271
1ef97bf373048cb034965423351318ae7ffedb65f6c8601c38eda238c097653a
20b9cbec874f68a539e74e82bd30db235ed0f93f36389d26fc4116a0332f1584
23aeb7a53ddb973f84b0701a8c26c591112fc5964ec298eea1e59bb10e010e66
26af9a3fef351c2062eb9c6c15ab619007535b14fadca82a40f1c902928db8e7
26e3f3f75c2b5ada68d0b005a9b28ea8bbba6ed89e78e94ec1e605e8691547ce
2b2ae4ef2de940fe521de3210e9b64120eedda806b404dd8265dad7435f3aab8
2c5821f4a655bc605e3195f8940db31bbc3075b50c26d1111f2b3c8781ec6e0b
2c8598654642759a89e6001b1f75b30fcd92b1e788cd490853985dabfc490d13
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d1c4dad4a965524e5be23317adaf2000ffa36bf77d0c53047a871efe33f80f7
2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320
2eaf6c67288d401f80dd6a98dd8da3bae85b4fbb47ee18039793256ab7872268
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
33b73fda0ee6af8a5835d5851fc53884c101400b3975addd2c57e894f7cdfeec
340792a7a42feffabbddc144fe4059013ff8af265ca9c3337933e0b633569367
3622d2041fd2390dd10eb9832096e4b89d1b925565650f004aea76adbd54f5f0
38636d685374771224f4f6d6b0306f69492eec9f87654eed0c5250fb6d2ceb5b
3f482c62b7a6766422f865cc8a6109995863b7f74311837f86b5d73b178e1ccc
3f9ac1030db5051a8f8d0566d8ba8b691a13f318d42f6de2568b372d47a831b2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41c9566a1f0dee8caefa4f5de27a4ff09a3b49113fb611330630af21bf6e95c1
432549f2238667aa778f89028a38728df57594985efacf8cc1375929e869b5c7
48015da42a52ae4a114664f6a01d18f23d2240ced0d0a61752c742afbffd6196
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c7a00a62dae47f84c711b16709096c817de4dd6d5daebfaa62e15365eb35eb0
4e9b1e9b290756c5ebc9849983de1f7d7db1685f76386ada579863f26897ec5f
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
515905b07770ef92c28c62d6289805f4146eb92b6b7a3f547b38cc2a3f224986
5249a65c658368bba23e8114a544f9c5c3509f0e946993fe6932a1b965016336
524ca9e9311fb0f453c92d7b435c877ba7f76b8ef23cd0f7071dcbd531c8653e
53f304eb433c811cb5479a41313bd87e1dd2c31ec798415378325b5fa7969736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56b79cdf18dd5343633d14f5abc973e61e7e4a686ee68ecc7c12c00020a56da6
5b497b3dea8511b361da644850f9a576c982e26ce7b18754c5c82f50f4049024
5e864c2e3f674c60970513411eaeeeafd2d615d842e65ec01d09ccfcb4a7b38d
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f789ea36ae4671282524bda454709578d63b915b782c1e041132a7e726ff1c3
5feceb66ffc86f38d952786c6d696c79c2dbc239dd4e91b46729d73a27fb57e9
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
624b60c58c9d8bfb6ff1886c2fd605d2adeb6ea4da576068201b6c6958ce93f4
644ec2ca87b013f9b7369ff6f3bd345d3aed281c079d62fa2d3dc283105b5726
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b514da2aed798bb9c409b346194c0e2b38edfd554f412e4af2717892f5300ff
6ee70a1fb920afb5bbd7ee8bc412050d3d70e57aff3defb311f95540a5ff351e
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
70806dacb0ef3342d6ad33c650254efb88e0c6f6fa5982c4d8b099c63d8b55c3
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7327ccc438fc485cdbd506450b53246974166453a420e9d379529e25cf490d23
740bf5f1aecd507647d455f3c9c19b7a405307adb22085c9f6887d57a7f42862
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
77cfa4551c08ff8c0d5d3101244f82abbd011d57cd8e872f74bc208fef776d07
77f8a961ed1253a7428ca62e45a4994ae634baf5471d1b9781346f5e23f88851
78b254c5cc1faadff7cb18699e0156ebc11cd66d174aa6e474a33e458fb16252
7b555d871b455fb30a2fbb8b953c3ed2edd0ecd016ca2d0eac4252ac774ab06f
7b633c337b6117f13041e204d9dd542477becc345b6948666ee90e1a7dff6d6f
7bb9a72728e3d19459195b5e9f781812ad2c6bfbc434c5890a49849268357a4a
7d9c4f06f0b1a90da3389b34ba0903601ed125f8cad4e90304facb3a07fc76ed
82fba5f2a3814f5a06b59a3a4a84d9edc1145d1ca57d54ccf321ce03af57bb9a
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85cedc7f129bd0ede0c7eeedd3441fb368dcdacaf9676a9a135e0c6a53284ed6
8959dabf16f1cbe173522716882cbb37d9d30b506cb9cbb5e2aec15bd64c0d7b
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
916d29998baf302ea3c88e031e6f77370ef2aff02258f1b53557599099d27cdc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
958d05b6fbb5007d70cf4fb13838905b3dc6dc9fe978a8764ee0bcca04094628
95bcc84037498c7d4ac857c53ac95303c8960fc287f9f5b7016b2a9ea6e32120
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
983775b438c242df7cb0ceb87bd2582f96ff0d4e8043f822adf3a3e93261b9a8
9924cf37dd958daf0d43371effd7c8c33dadb41380398a40ea16e7cd2cd424c3
9afb6dc52966e9ebcdbd87dd951bf87f02f4a38da842a6b437647292ed88d795
9b0d9cbd6693c6ff72c886cbf77216bdb5c441d58f03db1fbea73a7b13a61506
9eff3eec886851564187fbed699376c7b2e61a326b2592e94c28d4ab84beda71
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a12b87855b6403c6f73092396d80541a6984aae03097a637769291d9cad15d19
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6015bdcb4f8a9b533a29f1bfadab27d59c6db97d3e972f15e2a8c47394a8c52
a6d78b380c6989a8c16b9d19647f6b3a2e46cbc19ac16f4408841f2f683eb023
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7ab0219591836b96d5f05b28451af615ef6349fac602f7aced9720eabee1acf
ab8bbbaf028510d8b119cce741f0c2cc94816dcc113d83cac81a6aade6a76fa9
b0b26d33b2d232a3ed1ab13e10c556413c87fcae611a72c8d8de751edf706f47
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1482489920c1d5d3aa169f3b42fc069c2dc11fbf515073cb9cdeaeb6e6896e1
b7a56873cd771f2c446d369b649430b65a756ba278ff97ec81bb6f55b2e73569
b9379402894a3515fbd8fa359dffb9163ed3da4612c10d1802489e0504821291
b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6
b9dda5b243c92e46d0e3d3ceb4dc1782855c5ca451000f3052f47ba9cee0f315
bcf57ee734b4f25d2b5c90f3e91af7c8c27081a818f1890cd1ca3a3c5511490f
be58f3228b7d5bdcb21741899f24150c596149e029409ca24b7afc509dbb9d82
bf56d0c6b86f69d3f6dfb156399577c16da981c390a16d26c7752ed85bc38ac4
bfe8a8399335a9e831961e7ff19fecf946fbcc1b264904f0413b5aa963ad66fb
c0fb2b89d40c1b2eff4da3d58d2a0b2314cab10142bc8d024bc2119914b6baf2
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c403bc76d0b9c194c95e88eb22cfcc91ea7f00181df3c66835eb19c53e3cbfff
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6d61aaf37f9712de63cd827248a50bec48bd05169a6e4c558cb950c8c6fb763
c83cd4afd9a3acd6ea6655fb9b5eeb23a90c0b4cd6a424c6faa0dee9a80ca5a4
c97550ce8213ef5cf6ed4ba48790c137df3ef6a5da20b48961001a634b6cead2
c9815821ab1442501b9e9bae3d4bc5730315d6a513c8b40141b2d47b76da1916
cb93ff9862cf1239fbcbee65b55d9ad4d628b4fff81211d30b26300e8408b1db
cb9ada87bbf9fdb5f29272260ee39e26ef9845752a4393b4931d1517e7baac9a
cbab69ef04499e19f9482e2a413c078b73a20955a8122be551d1f3eb26cad573
d02be31023cf8459a18bab4f52110bc64332b1c8e269a22eb13d2e339dc6b005
d0409a1b73dab4e29dc40f92fb431fa9133baa23b4a1ffae4897f39068110e32
d0d2f9b28dcd14612f48999bd80d0ba7dae6961ccabe50825a3ddb526a14aced
d1b35b46af3fb8a1f38c07cbc9a3e2b105d2dc8ef052908f26c47c39701ed6ae
d768804520fff8661e81de5ee7e67c86b3c70cae86699cd6e5751d760915472c
d8848a8c1ba02660d515e576a32898ea6a06f58197356cbc09db5c34940e7b74
da36141abcd5ad64ad2c3ab6099d3339c44bf456289cce2243fbc2a7c1e51ae9
da8da07ffa93f21d6759c3621e1862524e7c303443d58fcbb8a950b84455eaac
db9027c17f2432fa1db45d8676b78581b2c9320607162f9504e1f217de9b30e8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def62bb5838df5507f37343e2c8a643a46f4a4c0abfd4226d84cf7258c5c9a62
df5978120ab661004f993de1c4f2fc1c119207c7342f4022b7f4167ced53bd28
df9be695800b5cd396bd40230f37315191784929d929663167158ccf4e7ca5a0
e0b3ed829fbab8e90f60abbab0fe77f7a1b6da2f1badd19b33c99c22c7f074a2
e260085bb2f6e35ccd8701c007bc9bc0ef2807f932cf3687bbdbd905e9651a72
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e747266f72ba6646bf58c7d72c5ceaca8e7e3feb9ed8976cc8499212c539f2ce
e81ce86cc2a8a4e10c410fb81cc69052532e08edc52df11939930be3bfc0ac9d
ea3286f7dcada5de0df3bce7c768b7588e7670e5da6c24134d95dcc45302dadd
ec888d01cb1a946d2210a9ffd8b5677c8543e86717bfa1fcf62be66e1263f611
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2d19a369e94c363a77d8ea69f50bdb1c1a2a7828fc18747f892b74d0a033cbe
f2f6d277e9a00330022be2b7ef4441ed84127e2359bfe7f7800c10f294e81917
f399e618c9dfbfc848e3ee24304532d88a5291cc5b027eea2733d425f1dd1a0a
f5be796439b66283c7bc23da4d3ea539144f96b3a4f2b5e2c1cabd7a395e3a23
f60c4600705d04f5c55db54f646fec728f9458c4fbba35adb4ac114077cb2391
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fa50d3b4d4151ae175f3ca8507f2cf042a9c270387b7375e7e035c62b0a2d349
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fef269571f27c369be45dbc589fce9730f1e137492437ceea15fec31d0838038

www.tvnz.co.nz Open in urlscan Pro 103.231.157.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

241 Requests

95 %HTTPS

30 %IPv6

51 Domains

94 Subdomains

70 IPs

11 Countries

2329 kBTransfer

7723 kBSize

10 Cookies

21 Outgoing links

Redirected requests

241 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tvnz.co.nz Open in urlscan Pro
103.231.157.164 Public Scan

Screenshot
Live screenshot

Full Image

241
Requests

95 %
HTTPS

30 %
IPv6

51
Domains

94
Subdomains

70
IPs

11
Countries

2329 kB
Transfer

7723 kB
Size

10
Cookies

241 HTTP transactions
4 data transactions