morena.co.nz Open in urlscan Pro
45.56.219.238  Public Scan

6 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

• https://pixel.onaudience.com/?partner=137085098&mapped=1040167995376404FCA1663CB3A7050A HTTP 302
• https://spl.zeotap.com/?zdid=1332&zcluid=ef958be12b7849af

Request Chain 34

• https://ap.lijit.com/readerinfo/v2 HTTP 307
• https://ap.lijit.com/readerinfo/v2?sovrn_retry=true

Request Chain 39

• https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=981aeb544b658848c8fd12849d9d7311 HTTP 307
• https://cm.mgid.com/m?c=981aeb544b658848c8fd12849d9d7311&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1

Request Chain 40

• https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16101%26tp%3DADEL%26tpid%3D%24{ADELPHIC_CUID}%26gdpr%3D0 HTTP 302
• https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=9ab29178-bc3c-43da-a47d-0f0d97b2f8af&gdpr=0

Request Chain 41

• https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0 HTTP 302
• https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1

Request Chain 42

• https://c1.adform.net/serving/cookie/match?party=1040 HTTP 302
• https://c1.adform.net/serving/cookie/match?CC=1&party=1040 HTTP 302
• https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=558259600741416905/gdpr=/gdpr_consent=

Request Chain 43

• https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 HTTP 302
• https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8E4C471B-36EA-4452-8A4C-FF2092FA2A62&gdpr=0

Request Chain 44

• https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
• https://match.adsrvr.org/track/cmb/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 HTTP 302
• https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=b64bfd93-cd1a-401f-8c00-fd0ec97b8a8a/gdpr=0/gdpr_consent=

Request Chain 46

• https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=981aeb544b658848c8fd12849d9d7311&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=981aeb544b658848c8fd12849d9d7311&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftpid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
• https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=107f3c2e-9073-4611-9f6d-c7c2ca66c00f%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252Ftp%25253DTPAD%25252Ftpid%25253D107f3c2e-9073-4611-9f6d-c7c2ca66c00f%252C&gdpr=0&gdpr_consent= HTTP 302
• https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b64bfd93-cd1a-401f-8c00-fd0ec97b8a8a&ttd_puid=107f3c2e-9073-4611-9f6d-c7c2ca66c00f%2Chttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D10158%252Ftp%253DTPAD%252Ftpid%253D107f3c2e-9073-4611-9f6d-c7c2ca66c00f%2C HTTP 302
• https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=107f3c2e-9073-4611-9f6d-c7c2ca66c00f

Request Chain 48

• https://dpm.demdex.net/ibs:dpid=121998&dpuuid=981aeb544b658848c8fd12849d9d7311&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
• https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=981aeb544b658848c8fd12849d9d7311&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 HTTP 302
• https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=70443262403994092683359880332901921131/gdpr=0

Request Chain 52

• https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 HTTP 302
• https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-15292eb0-f8a5-5881-78d2-250c03f2128b$ip$103.254.153.210&gdpr=0&gdpr_consent=

Request Chain 53

• https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 HTTP 302
• https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 HTTP 302
• https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-pmf1lu9E2pxuvMaxBmBdcRGdKZxArsdEHlU-~A&gdpr=0

Request Chain 54

• https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0 HTTP 302
• https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=e12d6422-0f66-4f00-83a0-30a2dce9ce70&src=lot&gdpr=0

Request Chain 55

• https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
• https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 HTTP 302
• https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=3276fa9e-3d24-444c-835f-360df2382143-64220f66-5347/gdpr=0

Request Chain 57

• https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 HTTP 302
• https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZCIPZgAE4rSXIABB HTTP 302
• https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZCIPZgAE4rSXIABB/gdpr=0&_test=ZCIPZgAE4rSXIABB

Request Chain 58

• https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=OTgxYWViNTQ0YjY1ODg0OGM4ZmQxMjg0OWQ5ZDczMTE&gdpr=0 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=OTgxYWViNTQ0YjY1ODg0OGM4ZmQxMjg0OWQ5ZDczMTE&gdpr=0&google_tc=

Request Chain 61

• https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=36856455 HTTP 307
• https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D36856455 HTTP 302
• https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=1132352543216883069/gdpr=0/rand=36856455

Request Chain 62

• https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GYe9BSZHXrkroLVYQqG89HDl&rnd=76656 HTTP 303
• https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GYe9BSZHXrkroLVYQqG89HDl&rnd=76656&_li_chk=true&previous_uuid=44383b3d8d24414b97a91854effe7caf HTTP 303
• https://i6.liadm.com/s/59074?bidder_id=204553&rnd=76656&bidder_uuid=GYe9BSZHXrkroLVYQqG89HDl

Request Chain 63

• https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GYe9BSZHXrkroLVYQqG89HDl&rand=56793&pu= HTTP 302
• https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GYe9BSZHXrkroLVYQqG89HDl&rand=56793&pu=&expected_cookie=4c26cb1f-64c3-4129-875f-9f885b48441a

Request Chain 64

• https://um.simpli.fi/lj_match?r=14594 HTTP 302
• https://ce.lijit.com/merge?pid=2&3pid=F3A5470B4E2341E6920D17707306A812

69 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response morena.co.nz/	18 KB 5 KB	2077ms 329ms	Document text/html	45.56.219.238 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://morena.co.nz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.56.219.238 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS v1061373.hostpapavps.net Software Apache / Resource Hash 2cb3b009fdad68c10e6dcd1c091dc7318a8cb12855a6d6894df2a1a5107d7fa0 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Content-Encoding gzip Content-Length 5192 Content-Type text/html; charset=UTF-8 Date Mon, 27 Mar 2023 21:49:20 GMT Expires Thu, 19 Nov 1981 08:52:00 GMT Keep-Alive timeout=5, max=100 Pragma no-cache Server Apache Vary Accept-Encoding,User-Agent
GET H/1.1	200 OK	main.php morena.co.nz/templates/default/css/	391 KB 65 KB	395ms 394ms	Stylesheet text/css	45.56.219.238 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://morena.co.nz/templates/default/css/main.php Requested by Host: morena.co.nz URL: https://morena.co.nz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.56.219.238 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS v1061373.hostpapavps.net Software Apache / Resource Hash a7ce73a36ddbe53042e2e3d5304e724d8edc73e147310a79183e0d738c26eae1 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 27 Mar 2023 21:49:21 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding,User-Agent Transfer-Encoding chunked Content-Type text/css;charset=UTF-8 Cache-Control max-age=2592000 Connection Keep-Alive Keep-Alive timeout=5, max=99 Expires Wed, 26 Apr 2023 21:49:21 GMT
GET H/1.1	200 OK	logo.png morena.co.nz/uploaded_images/resizer/650x108/r/	32 KB 33 KB	814ms 321ms	Image image/png	45.56.219.238 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://morena.co.nz/uploaded_images/resizer/650x108/r/logo.png?v=97 Requested by Host: morena.co.nz URL: https://morena.co.nz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.56.219.238 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS v1061373.hostpapavps.net Software Apache / Resource Hash 08cc90e5dccb7768b8574ad9a2bbee96369ec0d7f8458d3d20737af6b71c8324 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 27 Mar 2023 21:49:21 GMT Content-Encoding gzip Last-Modified Mon, 27 Mar 2023 21:49:21 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type image/png Cache-Control max-age=864000, must-revalidate Connection Keep-Alive Accept-Ranges none Keep-Alive timeout=5, max=100 Content-Length 32980 Expires Thu, 06 Apr 2023 21:49:21 GMT
GET H/1.1	200 OK	jquery.min.js Show response morena.co.nz/js/	95 KB 33 KB	720ms 273ms	Script application/javascript	45.56.219.238 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://morena.co.nz/js/jquery.min.js Requested by Host: morena.co.nz URL: https://morena.co.nz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.56.219.238 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS v1061373.hostpapavps.net Software Apache / Resource Hash e1e8c13b64969900ffee87ca98734e341febbbdaa4b1765ddde3083fad22c058 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 27 Mar 2023 21:49:21 GMT Content-Encoding gzip Last-Modified Fri, 03 Dec 2021 11:45:48 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 33309 Expires Wed, 26 Apr 2023 21:49:21 GMT
GET H/1.1	200 OK	bootstrap.min.js Show response morena.co.nz/js/	46 KB 14 KB	728ms 245ms	Script application/javascript	45.56.219.238 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://morena.co.nz/js/bootstrap.min.js?v=27 Requested by Host: morena.co.nz URL: https://morena.co.nz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.56.219.238 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS v1061373.hostpapavps.net Software Apache / Resource Hash 9de797c0c34990b1570f2cccd7fc260fbaba759baf69fb1f3caa8e097ab7cabe Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 27 Mar 2023 21:49:21 GMT Content-Encoding gzip Last-Modified Fri, 03 Dec 2021 11:45:48 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 13912 Expires Wed, 26 Apr 2023 21:49:21 GMT
GET H2	200	2fa1f045a7.js Show response kit.fontawesome.com/	11 KB 4 KB	252ms 223ms	Script text/javascript	2606:4700::6812:1634 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/2fa1f045a7.js Requested by Host: morena.co.nz URL: https://morena.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 086f5ecb69a148214a256b3dd39b6226af073e1f58b0046558847f80782ad57b Security Headers Name Value Strict-Transport-Security max-age=31536000; preload Request headers Referer https://morena.co.nz/ Origin https://morena.co.nz accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:21 GMT strict-transport-security max-age=31536000; preload content-encoding gzip cf-cache-status MISS server cloudflare access-control-max-age 3000 access-control-allow-methods GET, OPTIONS content-type text/javascript access-control-allow-origin * cache-control max-age=60, public, must-revalidate vary origin, accept-encoding, access-control-request-headers, access-control-request-method cf-ray 7aead7bf5f094094-SIN access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id F1BlC5EMWyJL_qkC1HGB
GET H/1.1	200 OK	jquery.infinitescroll.min.js Show response morena.co.nz/js/	21 KB 12 KB	711ms 239ms	Script application/javascript	45.56.219.238 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://morena.co.nz/js/jquery.infinitescroll.min.js Requested by Host: morena.co.nz URL: https://morena.co.nz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.56.219.238 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS v1061373.hostpapavps.net Software Apache / Resource Hash 9f484dd7a9b3fe26e3d051f9d23e07ea8e8b1e44e7bdd6e2627a1f80a9df9c9a Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 27 Mar 2023 21:49:21 GMT Content-Encoding gzip Last-Modified Fri, 03 Dec 2021 11:45:48 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 12113 Expires Wed, 26 Apr 2023 21:49:21 GMT
GET H2	200	all.js Show response connect.facebook.net/en_US/	3 KB 2 KB	16ms 4ms	Script application/x-javascript	2a03:2880:f00c:19:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js Requested by Host: morena.co.nz URL: https://morena.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f00c:19:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 4f1d3842c50c9c9a8fe5433d22a740137965771d5332a624dc1e415a84a8cd07 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Mon, 27 Mar 2023 21:49:22 GMT content-md5 USOEFJOEEFuoberlUZJDxw== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1683 x-fb-rlafr 0 x-fb-debug pMvwulOX0qWECXtgSyVU8dvUBvCCOMlhfTXyjiX7bx+YPmV/2fhqBguMUm/i4qqgq+SZPIRWBJgIPptGHhSKPg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-trip-id 548340344 x-fb-content-md5 f3f965603ca089b6ec5f60f77ef50563 cross-origin-opener-policy same-origin-allow-popups etag "4ff93f2594567b1162a48cfd2a58cf9c" vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=1200,stale-while-revalidate=3600 x-frame-options DENY timing-allow-origin * expires Mon, 27 Mar 2023 21:49:55 GMT
GET H/1.1	200 OK	fontawesome-webfont.woff2 morena.co.nz/templates/default/fonts/	63 KB 63 KB	355ms 354ms	Font font/woff2	45.56.219.238 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://morena.co.nz/templates/default/fonts/fontawesome-webfont.woff2?v=4.6.3 Requested by Host: morena.co.nz URL: https://morena.co.nz/templates/default/css/main.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.56.219.238 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS v1061373.hostpapavps.net Software Apache / Resource Hash 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019 Request headers Referer https://morena.co.nz/templates/default/css/main.php Origin https://morena.co.nz accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 27 Mar 2023 21:49:22 GMT Content-Encoding gzip Last-Modified Fri, 03 Dec 2021 11:45:50 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=98 Content-Length 64466
GET H/1.1	200 OK	oswald-v35-latin-regular.woff2 morena.co.nz/templates/default/fonts/	16 KB 16 KB	355ms 289ms	Font font/woff2	45.56.219.238 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://morena.co.nz/templates/default/fonts/oswald-v35-latin-regular.woff2 Requested by Host: morena.co.nz URL: https://morena.co.nz/templates/default/css/main.php Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.56.219.238 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS v1061373.hostpapavps.net Software Apache / Resource Hash 76db825b68979b9ea6cc55fa14373b7bf5e3beb7388cd2efa485938bb2a389fb Request headers Referer https://morena.co.nz/templates/default/css/main.php Origin https://morena.co.nz accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 27 Mar 2023 21:49:22 GMT Content-Encoding gzip Last-Modified Fri, 03 Dec 2021 11:45:50 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type font/woff2 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 16039
GET H3	200	all.js Show response connect.facebook.net/en_US/	308 KB 86 KB	11ms 5ms	Script application/x-javascript	2a03:2880:f00c:19:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/all.js?hash=aabdae0e0d1a87c74d9800e7f080ee2f Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/all.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f00c:19:face:b00c:0:3 , Singapore, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash f30a24a30be5e0de50e033b95637c791870bae26cddbacbb0a22e5e7df7891c1 Security Headers Name Value Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY Request headers Referer https://morena.co.nz/ Origin https://morena.co.nz accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000; preload; includeSubDomains content-encoding gzip x-content-type-options nosniff date Mon, 27 Mar 2023 21:49:22 GMT content-md5 YqPK41W0cXUDMKz6cUGOVg== document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 88444 x-fb-rlafr 0 x-fb-debug mURN2vIgKE3FuX8z49rAmxC/8K+NMJXvxuRP23eIMyUH8Ii3yh8rmwYixoEDBIqUoPfYM9LopGWFePi8MM829w== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" x-fb-content-md5 5a2872162ab6f7ba94e1ae9894bf5385 cross-origin-opener-policy same-origin-allow-popups etag "daf490fd183475d2c14b11bcf38233e1" vary Accept-Encoding report-to {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"} content-type application/x-javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers X-FB-Content-MD5 cache-control public,max-age=31536000,stale-while-revalidate=3600,immutable x-frame-options DENY timing-allow-origin * priority u=3,i expires Tue, 26 Mar 2024 14:06:57 GMT
GET H2	200	z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 fonts.gstatic.com/s/opensanscondensed/v13/	16 KB 16 KB	46ms 36ms	Font font/woff2	2404:6800:4003:c00::5e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/opensanscondensed/v13/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2 Requested by Host: morena.co.nz URL: https://morena.co.nz/templates/default/css/main.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2404:6800:4003:c00::5e , Singapore, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 68116287d6b99feff98ad41fa01cdc251f12b52e253bab507ed2eaa7a363e2b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://morena.co.nz/ Origin https://morena.co.nz accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:22 GMT x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 16256 x-xss-protection 0 last-modified Tue, 19 Feb 2019 22:40:44 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 26 Mar 2024 21:49:22 GMT
GET H/1.1	200 OK	data_index.php Show response morena.co.nz/	10 KB 3 KB	335ms 334ms	XHR text/html	45.56.219.238 COGECO-PEER1
General Check archive.org Show headers Download Go to Full URL https://morena.co.nz/data_index.php?page=2&sort=newest Requested by Host: morena.co.nz URL: https://morena.co.nz/js/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.56.219.238 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS v1061373.hostpapavps.net Software Apache / Resource Hash 6e89b29754388eaff1671831c0472958371aa8483d69dd0c6376125c361b058b Request headers Accept text/html, */*; q=0.01 Referer https://morena.co.nz/ X-Requested-With XMLHttpRequest accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Pragma no-cache Date Mon, 27 Mar 2023 21:49:22 GMT Content-Encoding gzip Server Apache Vary Accept-Encoding,User-Agent Content-Type text/html; charset=UTF-8 Cache-Control no-store, no-cache, must-revalidate Connection Keep-Alive Keep-Alive timeout=5, max=99 Content-Length 2972 Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	ajaxloader.GIF morena.co.nz/templates/default/images/	9 KB 9 KB	245ms 245ms	Image image/gif	45.56.219.238 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://morena.co.nz/templates/default/images/ajaxloader.GIF Requested by Host: morena.co.nz URL: https://morena.co.nz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.56.219.238 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS v1061373.hostpapavps.net Software Apache / Resource Hash fbc148e31b44cbb9610b7b9d05d5357cea08286d78dbe77623bdc48f4c6f0db4 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 27 Mar 2023 21:49:22 GMT Last-Modified Fri, 03 Dec 2021 11:45:50 GMT Server Apache Vary User-Agent Content-Type image/gif Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 8721 Expires Wed, 26 Apr 2023 21:49:22 GMT
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v6.4.0/css/	100 KB 23 KB	39ms 17ms	Fetch text/css	2606:4700:e4::ac40:a816 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.4.0/css/free.min.css?token=2fa1f045a7 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/2fa1f045a7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd28ebf7bdffb45da731413ed6e6940dc60123aa120bfa5a3909a40b2a2ba7e1 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:22 GMT via 1.1 4051cd1127320e383387d289cc46a5fc.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 23 Mar 2023 21:29:21 GMT server cloudflare etag W/"5febfb939e2fc4ddf14fffae53b72cf0" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=voCCq0yex7NlTUH597KuTKnZ2CMmDzptvoyxYKMs0%2FZWYkW81Sr2Yn%2FlCyeu33C%2FQT9kgksw4FDO0oSBgFR83w2B3MwKJWMXgJCDfpyikjtK1ghhWmBt4Q23%2BKnK0xsxgGBugI77o2jYbMnv33ou5VRUaQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7aead7c58fb3ab5b-SIN access-control-allow-headers fa-kit-token x-amz-cf-id J86HRz4TFJyEZUytizfp00__Of4-b2EkO2mZ3M6FRt5V7RwgAbKHWw==
GET H2	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v6.4.0/css/	27 KB 5 KB	42ms 21ms	Fetch text/css	2606:4700:e4::ac40:a816 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-shims.min.css?token=2fa1f045a7 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/2fa1f045a7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 425741cc35824b5b3b18d4135fbef6afca30662d23638366af151f7e74ba2575 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:22 GMT via 1.1 0baa68530535d25b0fce15971fbb91e8.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 23 Mar 2023 21:29:20 GMT server cloudflare etag W/"5193a6de5225940ae4ef5f7c82126be9" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YcT9d%2BEF0fkKETbNMkN3qkY3BZeVaQstReIgiyA6Nsu0KmkFjHTU3VY3rvY8Ce8qW64BeV45Q8pFXm2PN5N2HtekLrezrIGguVwjwizXr3AT6YRcygFfaVIpKz0rN7W7VsrI594W5TyxfDcHbwEKtJXiBA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7aead7c58fb4ab5b-SIN access-control-allow-headers fa-kit-token x-amz-cf-id crcfKG4NtuiUzIjciHLe5QOsuqoUPnmMyaHZk8B9UidV-A2pxDVKKA==
GET H2	200	free-v5-font-face.min.css Show response ka-f.fontawesome.com/releases/v6.4.0/css/	823 B 730 B	41ms 20ms	Fetch text/css	2606:4700:e4::ac40:a816 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v5-font-face.min.css?token=2fa1f045a7 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/2fa1f045a7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d144babd74738640f3133de675f5fa21c7fb58bfbd430dbd967ca813403afbfd Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:22 GMT via 1.1 fe1f71a38555d37376d318601a210ec4.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 23 Mar 2023 21:29:20 GMT server cloudflare etag W/"5856e3f07fbc36fc4d430a95a577a87f" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H4vzEguQNIXpal%2BcwYGG0H%2Fz81CcldT6Onui6RdbyiGFoj7Kt7Ih2ygy0hI%2FSYPWI1q%2BQYnJ%2FdERwz8ZC6djq%2BOT5jJdLd4XxgDdIJseOyUxt%2FJXcKmIbTqHDH%2FXYXnTG2dNWgnlh%2BuyIJ1jIOvfEfobBg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7aead7c58fb6ab5b-SIN access-control-allow-headers fa-kit-token x-amz-cf-id RXo2xwIt8ytyD7I7laKXiyXPD8_zX8oYRF7lqoU6cOOUNaxzP7J0lA==
GET H2	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v6.4.0/css/	2 KB 1 KB	36ms 16ms	Fetch text/css	2606:4700:e4::ac40:a816 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.4.0/css/free-v4-font-face.min.css?token=2fa1f045a7 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/2fa1f045a7.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash af59041c11cf929a2d34e75e190b5da8ef037bd0fbe81a863c3bdcf430dd6b76 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:22 GMT via 1.1 574ab88ff85f4ad30dd2d3a36c2bab20.cloudfront.net (CloudFront) content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Thu, 23 Mar 2023 21:29:20 GMT server cloudflare etag W/"9e7f9f634ace089bcdacc3fcc5f23ce5" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkQpr%2BDO2BAF5lzFgMHLyOpmFiMnDdoVNGbFPKnk5HAaK8Il%2Fvk3CxFeJarlUITqyGWYjkYGBJIsdzv8EaqWelN%2FdclmYMsW%2BRYfbVabi%2FkaPE4ekmTPmaXN68GOVq0eMBmnyX7RmGJGMXOrGco68PT%2B8w%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7aead7c58fb7ab5b-SIN access-control-allow-headers fa-kit-token x-amz-cf-id h2t1xZn2ddA3Sk8uqDW0NEJknjHY0KzxXh72ZQtFacd8KDXTU0tpVQ==
GET H/1.1	200 OK	mini-hd-cam.jpg morena.co.nz/uploaded_images/thumbs/	181 KB 181 KB	475ms 237ms	Image image/jpeg	45.56.219.238 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://morena.co.nz/uploaded_images/thumbs/mini-hd-cam.jpg Requested by Host: morena.co.nz URL: https://morena.co.nz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.56.219.238 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS v1061373.hostpapavps.net Software Apache / Resource Hash 2270b1c8dfb582be385c7d76defb286cefc363994e9378e7c5446726b61e7585 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 27 Mar 2023 21:49:22 GMT Last-Modified Fri, 03 Dec 2021 11:45:52 GMT Server Apache Vary User-Agent Content-Type image/jpeg Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=99 Content-Length 185155 Expires Wed, 26 Apr 2023 21:49:22 GMT
GET H2	200	js15_as.js Show response s10.histats.com/	11 KB 4 KB	747ms 243ms	Script text/javascript	46.105.201.240 OVH
General Check archive.org Show headers Download Go to Full URL https://s10.histats.com/js15_as.js Requested by Host: morena.co.nz URL: https://morena.co.nz/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 46.105.201.240 , France, ASN16276 (OVH, FR), Reverse DNS Software / Resource Hash 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:45:42 GMT content-encoding br last-modified Thu, 16 Apr 2020 10:44:16 GMT x-cacheable Matched cache x-cdn-pop-ip 137.74.122.0/26 etag "-375139978" content-type text/javascript x-cdn-pop bhs accept-ranges bytes content-length 4364 x-request-id 898271049
GET H2	200	free-fa-solid-900.woff2 ka-f.fontawesome.com/releases/v6.4.0/webfonts/	147 KB 147 KB	16ms 16ms	Font font/woff2	2606:4700:e4::ac40:a816 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.4.0/webfonts/free-fa-solid-900.woff2 Requested by Host: morena.co.nz URL: https://morena.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1ed5cd319e1b6bcac2b0d2ab3ebe5474d72327ef3d700fd553f4cf1b5d23a35 Request headers Referer https://morena.co.nz/ Origin https://morena.co.nz accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:22 GMT via 1.1 4efbd5b290462fbd5ee9b1de5f123e2a.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 150120 last-modified Fri, 24 Mar 2023 05:23:18 GMT server cloudflare etag "47c0d51ac60ec37c20bc6f755cc9f71b" access-control-max-age 3000 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TiDL%2BOX%2BuCzC44EdGVI7q7nNkHffci5Bgu%2FRLYgIV5V8F9sSLS9h3m5rjXIUF34a1IFPkiGX4XpETYZUwLgewCmZo4eNgDnR9WFC4dGj6e73tNBC%2BZmhkOfODpF9GtbJeaT1b76oBrLDzAL%2Bm1MkDVjAWA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding accept-ranges bytes cf-ray 7aead7c5bfd1ab5b-SIN access-control-allow-headers fa-kit-token x-amz-cf-id 6VEHbh8u6e7OMQ5wzz6n9_ugNsFpMiOq6fT_rl8X9sXSiuAz1VunaQ==
GET H2	200	free-fa-regular-400.woff2 ka-f.fontawesome.com/releases/v6.4.0/webfonts/	24 KB 25 KB	12ms 12ms	Font font/woff2	2606:4700:e4::ac40:a816 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.4.0/webfonts/free-fa-regular-400.woff2 Requested by Host: morena.co.nz URL: https://morena.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c4dcd77ed1c9917c299952dc2ac06c35657113c35c1ad10587f285c3208aac9 Request headers Referer https://morena.co.nz/ Origin https://morena.co.nz accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:22 GMT via 1.1 0f2b81f417aa397d9ed9b32b2017aaca.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 24952 last-modified Fri, 24 Mar 2023 05:23:18 GMT server cloudflare etag "a343e0aaf1f0863b6bccb382abbfca31" access-control-max-age 3000 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D0AnlHE4fmpDXHxVFth8v1ABl08LUx%2BppAYGtJokrjB7fv2fEmk4lgeyidty4SpsoSKs3mUygajD2YFyMinEc8zuycdKBOd1ckA8Ixw5XHr%2F3Zi3se8Z032p7vk59O1xnAXBfwAHerC2JXxReZebRfGChA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding accept-ranges bytes cf-ray 7aead7c5bfd3ab5b-SIN access-control-allow-headers fa-kit-token x-amz-cf-id wxAhdfZ-Z-WkiIs_owcBwKF1He0u5VMwzYI0AOzkUTxCNQSYxZ45jw==
GET H2	200	free-fa-brands-400.woff2 ka-f.fontawesome.com/releases/v6.4.0/webfonts/	105 KB 106 KB	12ms 12ms	Font font/woff2	2606:4700:e4::ac40:a816 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.4.0/webfonts/free-fa-brands-400.woff2 Requested by Host: morena.co.nz URL: https://morena.co.nz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e4::ac40:a816 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d77ea474f365140c7dcd30a281e4a8dd3a3d842b33440106d40dca2081ad19a7 Request headers Referer https://morena.co.nz/ Origin https://morena.co.nz accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:22 GMT via 1.1 dda7799d8b238a0cfe4bb363587dd4bc.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop SIN52-P1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 108012 last-modified Fri, 24 Mar 2023 05:23:18 GMT server cloudflare etag "a9ebafc81a2234f7d34d8e6ae20f221d" access-control-max-age 3000 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FI5XP%2Fr1yUzYDQKLLq7AeKbYO1GkA7BjUE6dq0jYPPNZBMiIcVS8LDPKsaRHhuB0MyYoy13SDmewFHRKi%2BdYRLtjNPHEDnztFlDmXELF6N67%2BERbneFw6FClyQnLiRsmVOLrUzIgkhPelWZiFwf%2FAO7xHQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding accept-ranges bytes cf-ray 7aead7c5bfd5ab5b-SIN access-control-allow-headers fa-kit-token x-amz-cf-id KSLB98L-T5zvBe2V5tOJVuIi5VJCVKhQJalFliOt-gX0Pqoh_ExqFA==
GET H/1.1	200 OK	logo.png morena.co.nz/uploaded_images/resizer/650x108/r/	32 KB 33 KB	323ms 322ms	Image image/png	45.56.219.238 COGECO-PEER1
General Check archive.org Show headers Download Go to Show image Full URL https://morena.co.nz/uploaded_images/resizer/650x108/r/logo.png?v=40 Requested by Host: morena.co.nz URL: https://morena.co.nz/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 45.56.219.238 , Canada, ASN13768 (COGECO-PEER1, CA), Reverse DNS v1061373.hostpapavps.net Software Apache / Resource Hash 08cc90e5dccb7768b8574ad9a2bbee96369ec0d7f8458d3d20737af6b71c8324 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 27 Mar 2023 21:49:22 GMT Content-Encoding gzip Last-Modified Mon, 27 Mar 2023 21:49:22 GMT Server Apache Vary Accept-Encoding,User-Agent Content-Type image/png Cache-Control max-age=864000, must-revalidate Connection Keep-Alive Accept-Ranges none Keep-Alive timeout=5, max=98 Content-Length 32980 Expires Thu, 06 Apr 2023 21:49:22 GMT
GET H/1.1	200 OK	0.php Show response s4.histats.com/stats/	377 B 512 B	737ms 242ms	Script text/html	54.39.156.32 OVH
General Check archive.org Show headers Download Go to Full URL https://s4.histats.com/stats/0.php?4749966&@f16&@g1&@h1&@i1&@j1679953762898&@k0&@l1&@mMORENA&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:45065658&@b3:1679953763&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fmorena.co.nz%2F&@w Requested by Host: s10.histats.com URL: https://s10.histats.com/js15_as.js Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 54.39.156.32 Québec, Canada, ASN16276 (OVH, FR), Reverse DNS ns562579.ip-54-39-156.net Software / Resource Hash edd690a256026c398fdb7253f21319112aee797bfdc13625165353fe67d51870 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 27 Mar 2023 21:49:23 GMT Connection close Content-Length 377 Content-Type text/html;charset=UTF-8
GET H2	200	/ Show response e.dtscout.com/e/	7 KB 3 KB	544ms 526ms	Script application/javascript	2606:4700:21::8d65:780b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmorena.co.nz%2F&j= Requested by Host: s4.histats.com URL: https://s4.histats.com/stats/0.php?4749966&@f16&@g1&@h1&@i1&@j1679953762898&@k0&@l1&@mMORENA&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:45065658&@b3:1679953763&@b4:js15_as.js&@b5:0&@a-_0.2.1&@vhttps%3A%2F%2Fmorena.co.nz%2F&@w Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ef423702435fcad0d1dc4528a3962b2fa26b661b53f46a1525b765d6bd8bea41 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:24 GMT x-t 0.508 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2F2dPwO6szBft0gxKWxWx%2Bt50ZTcUZWOr9QikSQsPgVmxyWy1JbCFGEP8L%2BrKfyNGk9uz6aXX25V69Qz4tz2aIKYVq7Uhw%2BMnBuyCoG0sl%2BGD3GLuExN4RvdQpOGY3PCMpbH2n8VsIo3TOg%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control no-cache x-s mtl2 cf-ray 7aead7ceeeb6ab62-SIN expires Mon, 27 Mar 2023 21:49:23 GMT
GET H2	200	/ Show response t.dtscout.com/idg/ Frame 7E1C	1 KB 736 B	517ms 510ms	Document text/html	2606:4700:21::8d65:780b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/idg/?su=1040167995376404FCA1663CB3A7050A Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmorena.co.nz%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f76a32495c4a19bda86f98ac692a5f68465870e91c5642282f3e2c5c24f96529 Request headers Referer https://morena.co.nz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control no-cache cf-cache-status DYNAMIC cf-ray 7aead7d2388fab62-SIN content-encoding br content-type text/html; charset=UTF-8 date Mon, 27 Mar 2023 21:49:24 GMT expires Mon, 27 Mar 2023 21:49:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjdQItm8NDMWSw0CYmO2LaNhaWgXP7HhHjTleOLz3NSIc%2BRFHo6pEfxVNDvi0g2mC%2FpuriweYevk7BcdmlqqKwWglyDJYOX%2BkKkZ8Ya9XUG6cX7H9IzIPaLng1TzKK4gxNF75J6B6vAbZMM%3D"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H2	200	tag.min.js Show response get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/	33 KB 11 KB	88ms 4ms	Script text/javascript	13.33.33.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmorena.co.nz%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-104.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash 58bb8299d12e5da9f688e2e5b299a4eeaa790c58a47f68275c0d119b98e7c837 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id Cbjpq7uzlYJGW75uYJ0hJ2.4T0hYLuBY content-encoding gzip via 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront) date Mon, 27 Mar 2023 21:25:22 GMT last-modified Tue, 28 Feb 2023 11:00:34 GMT server AmazonS3 x-amz-cf-pop SIN2-P1 age 1441 x-amz-server-side-encryption AES256 etag W/"da6f9d421ee18b85a6159832b88d2387" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=86400 x-amz-cf-id 6vSsIQ7JIDmV7MymiPpQvq0Dn3TtlhugnB6uFvOu1D6OG8RmKHdsVA==
GET H2	200	/ Show response t.dtscout.com/pv/	50 B 345 B	499ms 493ms	Script application/javascript	2606:4700:21::8d65:780b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscout.com/pv/?_a=v&_h=morena.co.nz&_ss=ir2lk3ptvk&_pv=1&_ls=0&_u1=1&_u3=1&_cc=sg&_pl=d&_cbid=5rsg&_cb=_dtspv.c Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmorena.co.nz%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:21::8d65:780b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 896c0c368df553fb67c9162e80c3caab5eb17ada124918eac5d0fd43e370fd0e Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:24 GMT x-t 0.143 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTAIXO6Fcnh27gW%2B1cCBOJhR%2BFTBYwDzuR1upzPSBnCMlbPhKTqV7RTSveEBMtx%2Fh%2Blef5i%2FkBklKlTSnrFvkzaLR3827aWvj66guXJcw7oSIl70hxUY4JH1RhPyDT9yLffMV8tZ%2FoKHCtY%3D"}],"group":"cf-nel","max_age":604800} x-c 0 content-type application/javascript cache-control no-cache cf-ray 7aead7d23890ab62-SIN expires Mon, 27 Mar 2023 21:49:23 GMT
GET H2	200	/ Show response onetag-geo.s-onetag.com/	535 B 940 B	872ms 604ms	Fetch application/json	13.33.33.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://onetag-geo.s-onetag.com/ Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-57.sin2.r.cloudfront.net Software / Resource Hash c89de6acfb3f0b6e7bd8dd60cd138b4b4f6001be2cf6c77a9221951e2fd623a5 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:25 GMT via 1.1 0513e563e8ed82222d18853f4b40818a.cloudfront.net (CloudFront), 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront) x-amz-cf-pop SIN2-C1, SIN2-P1 x-amzn-requestid f8227fd2-bd18-4db7-b999-6fb7ec941c61 x-cache Miss from cloudfront content-type application/json access-control-allow-origin * cache-control max-age=86400 x-amz-apigw-id CddX1HQPCYcF8Bw= content-length 535 x-amz-cf-id Mne9LTlMy1o6uCxIX_o1VKronh39tHNX1r29PP43hFxCw4S5YLhAhA==
GET H2	200	lt.min.js Show response tags.crwdcntrl.net/lt/c/3825/	57 KB 18 KB	120ms 40ms	Script text/javascript	13.225.103.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmorena.co.nz%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.103.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-103-53.hkg60.r.cloudfront.net Software AmazonS3 / Resource Hash df726eed96fc2c567dc861c507130826ee9bd58845f156ff3057a2e3df8dc516 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 08:55:12 GMT content-encoding gzip via 1.1 214d8a3cdb14de6b0331d1f72902cc66.cloudfront.net (CloudFront) last-modified Wed, 22 Mar 2023 20:39:53 GMT server AmazonS3 x-amz-cf-pop HKG60-C1 age 46453 etag W/"3aa4e1d3bb36b011a5f72f1a69cc6107" x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control public, max-age=86400 x-amz-cf-id oc47JSX48gUBliXJcSCZotiHT3S9n6wq-w4MOmKyfXXsbhfTmTw_4g==
GET H2	200	/ Show response t.dtscdn.com/widget/	0 610 B	278ms 262ms	Script application/javascript	2606:4700:20::ac43:4aba CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://t.dtscdn.com/widget/?d=1040167995376404FCA1663CB3A7050A&nid=300&p=836148727&t=0&s=1600x1200x24&u=https%3A%2F%2Fmorena.co.nz%2F&r= Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmorena.co.nz%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:20::ac43:4aba , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:25 GMT x-t 0.89 content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kAyGoxw75qOpehXc9qbtYA2Mr2t%2Bq4b8McTc%2F1C2BmolALv%2BRYqXhxxJsNDHKLqBnxaUI0v1CFL0cOb8xLhUpzk1id7zAYTItHUcCpBKT2IhSXf%2Fvb5D9yHF3weZ6nGBDvgUNDpbUtLKZA%3D%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control no-cache x-server web15.ny1.dtscdn.com cf-ray 7aead7d5ab9e4679-SIN expires Mon, 27 Mar 2023 21:58:24 GMT
GET H2	200	/ spl.zeotap.com/ Redirect Chain https://pixel.onaudience.com/?partner=137085098&mapped=1040167995376404FCA1663CB3A7050A https://spl.zeotap.com/?zdid=1332&zcluid=ef958be12b7849af	0 0	101ms 81ms	Image text/html	2606:4700:10::6816:1857 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://spl.zeotap.com/?zdid=1332&zcluid=ef958be12b7849af Protocol H2 Server 2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Redirect headers location https://spl.zeotap.com?zdid=1332&zcluid=ef958be12b7849af content-length 0
GET H2	200	optimus_rules.json Show response tags.crwdcntrl.net/lt/c/3825/	4 KB 1 KB	909ms 837ms	XHR application/json	13.225.103.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/c/3825/optimus_rules.json Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.103.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-103-53.hkg60.r.cloudfront.net Software AmazonS3 / Resource Hash 9933d7066a22669cd5d48d0051aa5f2d7ea91bad0a9223f3d7884e93c3ca8a28 Request headers Referer https://morena.co.nz/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 27 Mar 2023 21:49:26 GMT content-encoding gzip via 1.1 abaf9410e0cb5238ad0ea84e120ca7c0.cloudfront.net (CloudFront) last-modified Wed, 22 Mar 2023 20:39:53 GMT server AmazonS3 x-amz-cf-pop HKG60-C1 etag W/"6db43f44304c37d76768275ee4f01ba4" x-amz-server-side-encryption AES256 vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/json access-control-allow-origin * x-cache Miss from cloudfront cache-control public, max-age=86400 x-amz-cf-id pdtinDxc1O6kQj1ML3t7CZ2Ec7y2cWP5am-bSIhHbK2tV8N_m_tvwA==
GET H2	200	dataBeacons.min.js Show response data-beacons.s-onetag.com/	5 KB 2 KB	27ms 3ms	Script text/javascript	13.33.88.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://data-beacons.s-onetag.com/dataBeacons.min.js Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.88.100 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-88-100.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash 07dbb740764ddcc657e44a4f2767a85c877c6c92262615acefe839c0ca07c9e9 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id AynV9CxPKzE_gbaRfuvHkmlMpRA2Kx_l content-encoding gzip via 1.1 87c4d73b5ac2faa4ca336ce968e1aa1a.cloudfront.net (CloudFront) date Mon, 27 Mar 2023 21:14:55 GMT last-modified Mon, 30 Jan 2023 17:09:16 GMT server AmazonS3 x-amz-cf-pop SIN2-P2 age 2071 etag W/"b33b67ced6b706568683ecea83e198c4" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=3600 x-amz-cf-id D99sG6UYIClmfQoGrlD1k_NaDojx3D5ZiANCvtS11NAU4VqvaJUDmQ==
GET H/1.1	200 OK	v2 Show response ap.lijit.com/readerinfo/ Redirect Chain https://ap.lijit.com/readerinfo/v2 https://ap.lijit.com/readerinfo/v2?sovrn_retry=true	41 B 465 B	189ms 189ms	Fetch application/json	209.191.163.152 INTERNAP-BLOCK-4
General Check archive.org Show headers Download Go to Full URL https://ap.lijit.com/readerinfo/v2?sovrn_retry=true Protocol HTTP/1.1 Server 209.191.163.152 , United States, ASN14744 (INTERNAP-BLOCK-4, US), Reverse DNS Software / Resource Hash 7d4f41d094f5b4a5a08e08908a4ce29292aff48d2154ab9cfc718f6e8d5baf36 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:25 GMT content-encoding gzip pod X-Sovrn-Pod: ad_ap1sfo1 vary Accept-Encoding, User-Agent access-control-allow-methods GET, POST, DELETE, PUT content-type application/json access-control-allow-origin https://morena.co.nz access-control-allow-credentials true access-control-allow-headers X-Requested-With, Content-Type content-length 61 Redirect headers date Mon, 27 Mar 2023 21:49:25 GMT pod X-Sovrn-Pod: ad_ap1sfo1 access-control-allow-methods GET, POST, DELETE, PUT location https://ap.lijit.com/readerinfo/v2?sovrn_retry=true access-control-allow-origin https://morena.co.nz access-control-allow-credentials true access-control-allow-headers X-Requested-With, Content-Type content-length 0
POST H2	200	data Show response bcp.crwdcntrl.net/6/	606 B 1 KB	85ms 63ms	XHR application/json	18.138.156.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/6/data Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.138.156.157 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-138-156-157.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 82024709dd3f3a741636932bde54f29da07c14257c42c6e183b443a201594c96 Request headers Referer https://morena.co.nz/ accept-language zh-SG,zh;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:25 GMT server Jetty(9.4.38.v20210224) content-type application/json;charset=utf-8 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin https://morena.co.nz cache-control no-cache x-server 10.42.4.199 access-control-allow-credentials true content-length 606 expires 0
POST H2	200	a a.dtssrv.com/	0 463 B	257ms 241ms	Ping text/html	2606:4700:e2::ac40:8d1f CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://a.dtssrv.com/a?i=1040167995376404FCA1663CB3A7050A&k=lotpano&v=17d2c009f16aa0b774a2623121d416d53938c202d363e5c6b9b048ca46ae874d Requested by Host: e.dtscout.com URL: https://e.dtscout.com/e/?v=1a&pid=5200&site=1&l=https%3A%2F%2Fmorena.co.nz%2F&j= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8d1f , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:26 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dhjef0a90cWsvgmSqGvn4EKkFJnuQpIqQDxdZkXNPpz%2FZHtK%2Bcx30ij1GLUpNCc31iWm8kmxh%2FUfFiq4CCE0eX6vjxEwMQG2Zm07Bo%2BZzy567TcS11Sgjqk3NohbOIpgeDPbq9n%2F0%2Fq67Gs%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=UTF-8 cf-ray 7aead7dcb85f9e2c-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	lt.iframe.html Show response tags.crwdcntrl.net/lt/shared/2/ Frame C1BE	2 KB 1 KB	36ms 35ms	Document text/html	13.225.103.53 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825 Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/c/3825/lt.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.225.103.53 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-225-103-53.hkg60.r.cloudfront.net Software AmazonS3 / Resource Hash 63cf7a38baaaaebc012cfc355797544949b60c040b5da57560f26d88502d1372 Request headers Referer https://morena.co.nz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers age 46454 cache-control public, max-age=86400 content-encoding gzip content-type text/html date Mon, 27 Mar 2023 08:55:12 GMT etag W/"6fcf4f5197ab24c92d090f6ac8d87e01" last-modified Mon, 01 Feb 2021 20:35:17 GMT server AmazonS3 vary Accept-Encoding via 1.1 214d8a3cdb14de6b0331d1f72902cc66.cloudfront.net (CloudFront) x-amz-cf-id XQIEXg0c7PU4lZJU9bBuUJt1Br_RdqteNeMMDS-2dxpON9GHxZ54vQ== x-amz-cf-pop HKG60-C1 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront
GET H2	200	pixels Show response bcp.crwdcntrl.net/ Frame 67B8	4 KB 4 KB	6ms 5ms	Document text/html	18.138.156.157 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Requested by Host: tags.crwdcntrl.net URL: https://tags.crwdcntrl.net/lt/shared/2/lt.iframe.html?c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.138.156.157 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-138-156-157.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash a73033de3116451f1f379407975bba065912fe99c63f4d8ca26bb9bb170fb6d2 Request headers Referer https://tags.crwdcntrl.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers cache-control no-cache content-length 3592 content-type text/html date Mon, 27 Mar 2023 21:49:25 GMT expires 0 p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV pragma no-cache server Jetty(9.4.38.v20210224) x-server 10.42.31.37
GET H2	200	m cm.mgid.com/ Frame 67B8 Redirect Chain https://cm.mgid.com/m?cdsp=712809&uspString={uspString}&gdpr=0&consentData=&c=981aeb544b658848c8fd12849d9d7311 https://cm.mgid.com/m?c=981aeb544b658848c8fd12849d9d7311&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1	43 B 156 B	223ms 222ms	Image image/gif	2606:4700:1::6813:864e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cm.mgid.com/m?c=981aeb544b658848c8fd12849d9d7311&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Server 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22 Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT cf-cache-status DYNAMIC server cloudflare content-type image/gif cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7aead7dea8193dee-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43 Redirect headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT cf-cache-status DYNAMIC server cloudflare content-type image/gif location https://cm.mgid.com/m?c=981aeb544b658848c8fd12849d9d7311&cdsp=712809&consentData=&gdpr=0&uspString=%7BuspString%7D&sct=1 cache-control no-store, no-cache, must-revalidate, max-age=0 cf-ray 7aead7dd1efd3dee-SIN alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 43
GET H2	200	qmap sync.crwdcntrl.net/ Frame 67B8 Redirect Chain https://sync.ipredictive.com/d/sync/cookie/generic?partner=lotame&cspid=20&cb=${ADELPHIC_CACHE_BUSTER}&redirect=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D16101%26tp%3DADEL%26tpid%3D%24{ADELPHIC... https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=9ab29178-bc3c-43da-a47d-0f0d97b2f8af&gdpr=0	49 B 263 B	8ms 8ms	Image image/gif	175.41.130.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=9ab29178-bc3c-43da-a47d-0f0d97b2f8af&gdpr=0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Server 175.41.130.144 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-175-41-130-144.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.8.17 content-length 49 expires 0 Redirect headers Location https://sync.crwdcntrl.net/qmap?c=16101&tp=ADEL&tpid=9ab29178-bc3c-43da-a47d-0f0d97b2f8af&gdpr=0 Date Mon, 27 Mar 2023 21:49:26 GMT Connection keep-alive X-CI-RTID 9aac7e12-2848-4d4c-bc49-ecef7120362a Content-Length 131 Content-Type text/html; charset=utf-8
GET H/1.1	200 OK	getuid sync.smartadserver.com/ Frame 67B8 Redirect Chain https://sync.smartadserver.com/getuid?gdpr=0&url=https%3A%2F%2Fbcp.crwdcntrl.net%2Fqmap%3Fc%3D16236%26tp%3DSMAD%26tpid%3D[sas_uid]%26gdpr%3D0 https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1	0 316 B	2ms 2ms	Image text/plain	23.106.127.165 LEASEWEB-APAC-SIN...
General Check archive.org Show headers Download Go to Show image Full URL https://sync.smartadserver.com/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol HTTP/1.1 Server 23.106.127.165 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:25 GMT cache-control no-cache,no-store content-length 0 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo" Redirect headers location https://sync.smartadserver.com:443/getuid?gdpr=0&url=https://bcp.crwdcntrl.net/qmap?c=16236&tp=SMAD&tpid=[sas_uid]&gdpr=0&cklb=1 pragma no-cache date Mon, 27 Mar 2023 21:49:25 GMT cache-control no-cache,no-store content-length 0 p3p CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
GET H2	200	gdpr_consent= sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=558259600741416905/gdpr=/ Frame 67B8 Redirect Chain https://c1.adform.net/serving/cookie/match?party=1040 https://c1.adform.net/serving/cookie/match?CC=1&party=1040 https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=558259600741416905/gdpr=/gdpr_consent=	49 B 264 B	8ms 8ms	Image image/gif	175.41.130.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=558259600741416905/gdpr=/gdpr_consent= Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Server 175.41.130.144 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-175-41-130-144.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.29.67 content-length 49 expires 0 Redirect headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT strict-transport-security max-age=31536000; includeSubDomains server nginx accept-ch Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version access-control-max-age 86400 access-control-allow-methods GET location https://sync.crwdcntrl.net/map/c=6466/tp=ADFM/tpid=558259600741416905/gdpr=/gdpr_consent= access-control-allow-origin * cache-control no-cache, no-store, must-revalidate, no-transform access-control-allow-credentials true access-control-allow-headers Content-Type,Cache-Control,Accept-Encoding,X-Requested-With content-length 0 expires -1
GET H2	200	qmap sync.crwdcntrl.net/ Frame 67B8 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0 https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=0&rd=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D240%26tp%3DPUBM%26tpid%3D%23PM_USER_ID%26gdpr%3D0&rdf=1 https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8E4C471B-36EA-4452-8A4C-FF2092FA2A62&gdpr=0	49 B 266 B	49ms 34ms	Image image/gif	175.41.130.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8E4C471B-36EA-4452-8A4C-FF2092FA2A62&gdpr=0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Server 175.41.130.144 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-175-41-130-144.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:25 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.28.172 content-length 49 expires 0 Redirect headers location https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=8E4C471B-36EA-4452-8A4C-FF2092FA2A62&gdpr=0 date Mon, 27 Mar 2023 21:49:25 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H2	200	gdpr_consent= sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=b64bfd93-cd1a-401f-8c00-fd0ec97b8a8a/gdpr=0/ Frame 67B8 Redirect Chain https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 https://match.adsrvr.org/track/cmb/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=0 https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=b64bfd93-cd1a-401f-8c00-fd0ec97b8a8a/gdpr=0/gdpr_consent=	49 B 264 B	54ms 39ms	Image image/gif	175.41.130.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=b64bfd93-cd1a-401f-8c00-fd0ec97b8a8a/gdpr=0/gdpr_consent= Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Server 175.41.130.144 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-175-41-130-144.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.24.71 content-length 49 expires 0 Redirect headers pragma no-cache date Mon, 27 Mar 2023 21:49:25 GMT x-aspnet-version 4.0.30319 p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV" location https://sync.crwdcntrl.net/map/c=10620/tp=TRAD/tpid=b64bfd93-cd1a-401f-8c00-fd0ec97b8a8a/gdpr=0/gdpr_consent= content-type text/html cache-control private,no-cache, must-revalidate content-length 249
GET H/1.1	200 OK	ltm audex.userreport.com/sync/put/ Frame 67B8	43 B 433 B	345ms 239ms	Image image/gif	54.192.18.72 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://audex.userreport.com/sync/put/ltm?ltmid=981aeb544b658848c8fd12849d9d7311 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 54.192.18.72 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-54-192-18-72.hkg62.r.cloudfront.net Software nginx/1.22.0 / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 27 Mar 2023 21:49:26 GMT Via 1.1 53b2bbb13e5db590d598ee4e9aa9bd80.cloudfront.net (CloudFront) Last-Modified Mon, 28 Sep 1970 06:00:00 GMT Server nginx/1.22.0 X-Amz-Cf-Pop HKG62-C2 X-Cache Miss from cloudfront Content-Type image/gif Connection keep-alive Content-Length 43 X-Amz-Cf-Id 2qmfWVz7XBWFd8u0uGFMKwbWg968vNHrBcr-B2STmgmDQiCkCMSzLw==
GET H2	200	tpid=107f3c2e-9073-4611-9f6d-c7c2ca66c00f sync.crwdcntrl.net/map/c=10158/tp=TPAD/ Frame 67B8 Redirect Chain https://pixel.tapad.com/idsync/ex/receive?partner_id=LOTAME&partner_device_id=981aeb544b658848c8fd12849d9d7311&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPAD%2Ftp... https://pixel.tapad.com/idsync/ex/receive/check?partner_id=LOTAME&partner_device_id=981aeb544b658848c8fd12849d9d7311&gdpr=0&partner_url=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10158%2Ftp%3DTPA... https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=107f3c2e-9073-4611-9f6d-c7c2ca66c00f%252Chttps%25253A%25252F%25252Fsync.crwdcntrl.net%25252Fmap%25252Fc%25253D10158%25252... https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=b64bfd93-cd1a-401f-8c00-fd0ec97b8a8a&ttd_puid=107f3c2e-9073-4611-9f6d-c7c2ca66c00f%2Chttps%253A%252F%252Fsync.crwdcntrl.n... https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=107f3c2e-9073-4611-9f6d-c7c2ca66c00f	49 B 264 B	8ms 7ms	Image image/gif	175.41.130.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=107f3c2e-9073-4611-9f6d-c7c2ca66c00f Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Server 175.41.130.144 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-175-41-130-144.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.25.38 content-length 49 expires 0 Redirect headers date Mon, 27 Mar 2023 21:49:26 GMT strict-transport-security max-age=31536000 via 1.1 google accept-ch Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 p3p policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" access-control-allow-origin * location https://sync.crwdcntrl.net/map/c=10158/tp=TPAD/tpid=107f3c2e-9073-4611-9f6d-c7c2ca66c00f alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	403	sync.gif dmp.truoptik.com/f2d2e39fc16bc9cc/ Frame 67B8	0 0	23ms 7ms	Image text/html	104.16.110.154 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dmp.truoptik.com/f2d2e39fc16bc9cc/sync.gif?cbp=tpid&cbk=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D10832%2Ftp%3DTRUP Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.16.110.154 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers
GET H2	200	gdpr=0 sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=70443262403994092683359880332901921131/ Frame 67B8 Redirect Chain https://dpm.demdex.net/ibs:dpid=121998&dpuuid=981aeb544b658848c8fd12849d9d7311&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUID%7D%2Fgdpr=0 https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=121998&dpuuid=981aeb544b658848c8fd12849d9d7311&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D9828%2Ftp%3DADBE%2Ftpid%3D%24%7BDD_UUI... https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=70443262403994092683359880332901921131/gdpr=0	49 B 264 B	9ms 9ms	Image image/gif	175.41.130.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=70443262403994092683359880332901921131/gdpr=0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Server 175.41.130.144 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-175-41-130-144.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:27 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.7.173 content-length 49 expires 0 Redirect headers DCS dcs-prod-usw2-1-v042-0f93c34e2.edge-usw2.demdex.com 5 ms Pragma no-cache Strict-Transport-Security max-age=31536000; includeSubDomains X-TID nxmoPGDwTOM= P3P policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT" Location https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/tpid=70443262403994092683359880332901921131/gdpr=0 Cache-Control no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private Connection keep-alive Content-Length 0 Expires Thu, 01 Jan 1970 00:00:00 UTC
GET H/1.1	200 OK	lotame sync.sharethis.com/ Frame 67B8	42 B 549 B	690ms 159ms	Image image/gif	52.29.188.86
General Check archive.org Show headers Download Go to Show image Full URL https://sync.sharethis.com/lotame?uid=981aeb544b658848c8fd12849d9d7311&gdpr=0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.29.188.86 -, , ASN (), Reverse DNS Software / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 27 Mar 2023 21:49:26 GMT Strict-Transport-Security max-age=63072000; includeSubDomains; Connection keep-alive Stid ZHeAAmQiD2YAAAAIFTCAAw== X-Robots-Tag noindex, nofollow Content-Length 42 Content-Type image/gif
GET H2	204	usermatch.gif beacon.krxd.net/ Frame 67B8	0 338 B	745ms 208ms	Image text/plain	34.210.220.175
General Check archive.org Show headers Download Go to Show image Full URL https://beacon.krxd.net/usermatch.gif?partner=lotame&partner_uid=981aeb544b658848c8fd12849d9d7311 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.210.220.175 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-served-by beacon-n007-pdx-prod.krxd.net date Mon, 27 Mar 2023 21:49:26 GMT cache-control private, no-cache, no-store x-request-time D=35 t=1679953766 p3p policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
GET H/1.0	200 OK	image.sbxx global.ib-ibi.com/ Frame 67B8	0 72 B	907ms 224ms	Image text/plain	69.169.86.38
General Check archive.org Show headers Download Go to Show image Full URL https://global.ib-ibi.com/image.sbxx?go=262106&pid=420&xid=981aeb544b658848c8fd12849d9d7311 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol HTTP/1.0 Security TLS 1.2, RSA, AES_256_CBC Server 69.169.86.38 -, , ASN (), Reverse DNS Software BigIP / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Connection close Content-Length 0 Server BigIP
GET H2	200	qmap sync.crwdcntrl.net/ Frame 67B8 Redirect Chain https://sync.srv.stackadapt.com/sync?nid=lotame&gdpr=0 https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-15292eb0-f8a5-5881-78d2-250c03f2128b$ip$103.254.153.210&gdpr=0&gdpr_consent=	49 B 264 B	8ms 8ms	Image image/gif	175.41.130.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-15292eb0-f8a5-5881-78d2-250c03f2128b$ip$103.254.153.210&gdpr=0&gdpr_consent= Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Server 175.41.130.144 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-175-41-130-144.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.25.38 content-length 49 expires 0 Redirect headers Location https://sync.crwdcntrl.net/qmap?c=6569&tp=STKA&tpid=0-15292eb0-f8a5-5881-78d2-250c03f2128b$ip$103.254.153.210&gdpr=0&gdpr_consent= Date Mon, 27 Mar 2023 21:49:26 GMT Connection keep-alive Content-Length 169 Content-Type text/html; charset=utf-8
GET H2	200	qmap sync.crwdcntrl.net/ Frame 67B8 Redirect Chain https://cms.analytics.yahoo.com/cms?partner_id=LOTME&gdpr=0 https://ups.analytics.yahoo.com/ups/58736/cms?partner_id=LOTME&gdpr=0 https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-pmf1lu9E2pxuvMaxBmBdcRGdKZxArsdEHlU-~A&gdpr=0	49 B 264 B	8ms 8ms	Image image/gif	175.41.130.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-pmf1lu9E2pxuvMaxBmBdcRGdKZxArsdEHlU-~A&gdpr=0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Server 175.41.130.144 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-175-41-130-144.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.4.229 content-length 49 expires 0 Redirect headers location https://sync.crwdcntrl.net/qmap?c=5437&tp=DTAX&tpidqp=tpidqa&tpidqa=y-pmf1lu9E2pxuvMaxBmBdcRGdKZxArsdEHlU-~A&gdpr=0 date Mon, 27 Mar 2023 21:49:26 GMT strict-transport-security max-age=31536000 server ATS/9.1.10.25 age 0 content-length 0 p3p CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
GET H2	200	qmap sync.crwdcntrl.net/ Frame 67B8 Redirect Chain https://sync.mathtag.com/sync/img?sync=auto&mt_exid=10040&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fqmap%3Fc%3D4735%26tp%3DMDMA%26tpid%3D%5BMM_UUID%5D%26src=lot%26gdpr%3D0 https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=e12d6422-0f66-4f00-83a0-30a2dce9ce70&src=lot&gdpr=0	49 B 264 B	8ms 7ms	Image image/gif	175.41.130.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=e12d6422-0f66-4f00-83a0-30a2dce9ce70&src=lot&gdpr=0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Server 175.41.130.144 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-175-41-130-144.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.10.47 content-length 49 expires 0 Redirect headers Date Mon, 27 Mar 2023 21:49:26 GMT Server MT3 668 4401257 master hkg-pixel-x24 config_version:"unknown" Content-Type image/gif Access-Control-Allow-Origin * location https://sync.crwdcntrl.net/qmap?c=4735&tp=MDMA&tpid=e12d6422-0f66-4f00-83a0-30a2dce9ce70&src=lot&gdpr=0 P3P CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA" Cache-Control no-cache Connection keep-alive Keep-Alive timeout=360 Content-Length 0 Expires Mon, 27 Mar 2023 21:49:25 GMT
GET H2	200	gdpr=0 sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=3276fa9e-3d24-444c-835f-360df2382143-64220f66-5347/ Frame 67B8 Redirect Chain https://pixel-sync.sitescout.com/connectors/lotame/usersync?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 https://pixel-sync.sitescout.com/connectors/lotame/usersync?cookieQ=1&gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1389%2Ftp%3DSTSC%2Ftpid%3D%24UUID%2Fgdpr%3D0 https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=3276fa9e-3d24-444c-835f-360df2382143-64220f66-5347/gdpr=0	49 B 265 B	8ms 8ms	Image image/gif	175.41.130.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=3276fa9e-3d24-444c-835f-360df2382143-64220f66-5347/gdpr=0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Server 175.41.130.144 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-175-41-130-144.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.27.199 content-length 49 expires 0 Redirect headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT server AC1.1 p3p CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml" location https://sync.crwdcntrl.net/map/c=1389/tp=STSC/tpid=3276fa9e-3d24-444c-835f-360df2382143-64220f66-5347/gdpr=0 cache-control max-age=0,no-cache,no-store content-length 0 expires Tue, 11 Oct 1977 12:34:56 GMT
GET H/1.1	204 No Content	token token.rubiconproject.com/ Frame 67B8	0 676 B	63ms 6ms	Image text/plain	69.173.158.64 RUBICONPROJECT
General Check archive.org Show headers Download Go to Show image Full URL https://token.rubiconproject.com/token?pid=7&puid=981aeb544b658848c8fd12849d9d7311&gdpr=0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_CBC Server 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Expires 0 Pragma no-cache Cache-Control no-cache,no-store,must-revalidate X-RPHost beb52df1a5a4b2f2cb3f37642c514298 P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
GET H2	200	gdpr=0&_test=ZCIPZgAE4rSXIABB sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZCIPZgAE4rSXIABB/ Frame 67B8 Redirect Chain https://sync-tm.everesttech.net/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0 https://sync-tm.everesttech.net/ct/upi/pid/bsTd8NdE?gdpr=0&redir=https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D1811%2Ftp%3DTBMG%2Ftpid%3D%24%7BTM_USER_ID%7D%2Fgdpr%3D0&_test=ZCIPZgAE4rSXIABB https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZCIPZgAE4rSXIABB/gdpr=0&_test=ZCIPZgAE4rSXIABB	49 B 263 B	8ms 7ms	Image image/gif	175.41.130.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZCIPZgAE4rSXIABB/gdpr=0&_test=ZCIPZgAE4rSXIABB Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Server 175.41.130.144 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-175-41-130-144.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.3.71 content-length 49 expires 0 Redirect headers x-served-by cache-qpg1256-QPG pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT via 1.1 varnish server Varnish x-timer S1679953767.654984,VS0,VE0 x-cache HIT location https://sync.crwdcntrl.net/map/c=1811/tp=TBMG/tpid=ZCIPZgAE4rSXIABB/gdpr=0&_test=ZCIPZgAE4rSXIABB cache-control no-cache accept-ranges bytes content-length 0 retry-after 0 x-cache-hits 0
GET H2	200	pixel cm.g.doubleclick.net/ Frame 67B8 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=OTgxYWViNTQ0YjY1ODg0OGM4ZmQxMjg0OWQ5ZDczMTE&gdpr=0 https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=OTgxYWViNTQ0YjY1ODg0OGM4ZmQxMjg0OWQ5ZDczMTE&gdpr=0&google_tc=	170 B 243 B	9ms 9ms	Image image/png	172.253.118.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=OTgxYWViNTQ0YjY1ODg0OGM4ZmQxMjg0OWQ5ZDczMTE&gdpr=0&google_tc= Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Server 172.253.118.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f156.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=OTgxYWViNTQ0YjY1ODg0OGM4ZmQxMjg0OWQ5ZDczMTE&gdpr=0&google_tc= p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 337 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	5907 tags.bluekai.com/site/ Frame 67B8	62 B 465 B	227ms 190ms	Image image/gif	104.69.166.9
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/5907?limit=0&id=4184e1fa8ec445e7fd0cbeaa4a3f673f Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.69.166.9 -, , ASN (), Reverse DNS Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Mon, 27 Mar 2023 21:49:26 GMT content-length 62 content-type image/gif
GET H3	200	pixel cm.g.doubleclick.net/ Frame 67B8	170 B 188 B	11ms 10ms	Image image/png	172.253.118.156 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=lotameddp&google_hm=OTgxYWViNTQ0YjY1ODg0OGM4ZmQxMjg0OWQ5ZDczMTE&gdpr=0 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H3 Security QUIC, , AES_128_GCM Server 172.253.118.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS sl-in-f156.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:26 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rand=36856455 sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=1132352543216883069/gdpr=0/ Frame 67B8 Redirect Chain https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.crwdcntrl.net%2Fmap%2Fc%3D281%2Ftp%3DANXS%2Ftpid%3D%24UID%2Fgdpr%3D0%2Frand=36856455 https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.crwdcntrl.net%252Fmap%252Fc%253D281%252Ftp%253DANXS%252Ftpid%253D%2524UID%252Fgdpr%253D0%252Frand%3D36856455 https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=1132352543216883069/gdpr=0/rand=36856455	49 B 265 B	7ms 7ms	Image image/gif	175.41.130.144 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=1132352543216883069/gdpr=0/rand=36856455 Requested by Host: bcp.crwdcntrl.net URL: https://bcp.crwdcntrl.net/pixels?s=155%2C154%2C148%2C145%2C136%2C116%2C115%2C106%2C104%2C94%2C81%2C80%2C78%2C54%2C41%2C38%2C33%2C31%2C26%2C22%2C12%2C7%2C2&c=3825 Protocol H2 Server 175.41.130.144 , Singapore, ASN16509 (AMAZON-02, US), Reverse DNS ec2-175-41-130-144.ap-southeast-1.compute.amazonaws.com Software Jetty(9.4.38.v20210224) / Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Request headers accept-language zh-SG,zh;q=0.9 Referer https://bcp.crwdcntrl.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Mon, 27 Mar 2023 21:49:27 GMT server Jetty(9.4.38.v20210224) content-type image/gif p3p CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV access-control-allow-origin * cache-control no-cache x-server 10.42.26.160 content-length 49 expires 0 Redirect headers Date Mon, 27 Mar 2023 21:49:27 GMT P3P policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" Connection keep-alive X-Proxy-Origin 103.254.153.210; 103.254.153.210; 906.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com Content-Length 0 X-XSS-Protection 0 Pragma no-cache AN-X-Request-Uuid 8fe5149c-5cbf-4a44-9552-313afdb6120d Server nginx/1.23.2 Accept-CH Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness Content-Type text/html; charset=utf-8 Access-Control-Allow-Origin * Location https://sync.crwdcntrl.net/map/c=281/tp=ANXS/tpid=1132352543216883069/gdpr=0/rand=36856455 Cache-Control no-store, no-cache, private Access-Control-Allow-Credentials true Expires Sat, 15 Nov 2008 16:00:00 GMT
GET		59074 i6.liadm.com/s/ Redirect Chain https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GYe9BSZHXrkroLVYQqG89HDl&rnd=76656 https://i.liadm.com/s/59074?bidder_id=204553&bidder_uuid=GYe9BSZHXrkroLVYQqG89HDl&rnd=76656&_li_chk=true&previous_uuid=44383b3d8d24414b97a91854effe7caf https://i6.liadm.com/s/59074?bidder_id=204553&rnd=76656&bidder_uuid=GYe9BSZHXrkroLVYQqG89HDl	0 0
GET H2	200	db_sync px.ads.linkedin.com/ Redirect Chain https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GYe9BSZHXrkroLVYQqG89HDl&rand=56793&pu= https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GYe9BSZHXrkroLVYQqG89HDl&rand=56793&pu=&expected_cookie=4c26cb1f-64c3-4129-875f-9f885b48441a	0 144 B	185ms 185ms	Image text/plain	2620:1ec:21::14
General Check archive.org Show headers Download Go to Show image Full URL https://px.ads.linkedin.com/db_sync?pid=15697&puuid=GYe9BSZHXrkroLVYQqG89HDl&rand=56793&pu=&expected_cookie=4c26cb1f-64c3-4129-875f-9f885b48441a Protocol H2 Server 2620:1ec:21::14 -, , ASN (), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Mon, 27 Mar 2023 21:49:27 GMT x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: AF7CCFDB5B204D4E80B0F98F27FA0840 Ref B: SIN30EDGE0818 Ref C: 2023-03-27T21:49:27Z linkedin-action 1 x-cache CONFIG_NOCACHE x-li-fabric prod-lor1 x-li-proto http/2 content-length 0 x-li-uuid AAX36LeK1zlus8dBvZnM+A== Redirect headers date Mon, 27 Mar 2023 21:49:27 GMT nel {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} x-li-pop afd-prod-lor1-x x-msedge-ref Ref A: B98B6AF30B5E4EE589FB87B000825EBA Ref B: SIN30EDGE0818 Ref C: 2023-03-27T21:49:27Z linkedin-action 1 report-to {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} x-li-fabric prod-lor1 location /db_sync?pid=15697&puuid=GYe9BSZHXrkroLVYQqG89HDl&rand=56793&pu=&expected_cookie=4c26cb1f-64c3-4129-875f-9f885b48441a x-cache CONFIG_NOCACHE x-li-proto http/2 content-length 0 x-li-uuid AAX36LeINzTWPmMX8oSWnA==
GET		merge ce.lijit.com/ Redirect Chain https://um.simpli.fi/lj_match?r=14594 https://ce.lijit.com/merge?pid=2&3pid=F3A5470B4E2341E6920D17707306A812	0 0
GET H/1.1	200 OK	57333 i.liadm.com/s/	43 B 436 B	243ms 243ms	Image image/gif	52.44.38.124
General Check archive.org Show headers Download Go to Show image Full URL https://i.liadm.com/s/57333?bidder_id=204553&bidder_uuid=GYe9BSZHXrkroLVYQqG89HDl&rnd=7374 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.44.38.124 -, , ASN (), Reverse DNS Software / Resource Hash caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language zh-SG,zh;q=0.9 Referer https://morena.co.nz/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Date Mon, 27 Mar 2023 21:49:28 GMT Cache-Control no-store Strict-Transport-Security max-age=31536000; includeSubDomains Connection keep-alive Content-Length 43 Request-Time 4 Content-Type image/gif
GET H2	200	Portal.html Show response get.s-onetag.com/underground-sync-portal/ Frame 4B06	85 B 481 B	4ms 4ms	Document text/html	13.33.33.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/underground-sync-portal/Portal.html Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/f0c84061-4182-4398-8e37-5ff5b5698a6f/tag.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-104.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash c5a9c1da2841785221f3cbd5d59fb206a46a9f7b87acd9defbaaad16da7bc10f Request headers Referer https://morena.co.nz/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept-language zh-SG,zh;q=0.9 Response headers accept-ranges bytes age 265605 cache-control max-age=864000 content-length 85 content-type text/html date Fri, 24 Mar 2023 20:02:42 GMT etag "131a68f1a3ad405d816af56e04b93481" last-modified Mon, 24 Aug 2020 10:07:31 GMT server AmazonS3 vary Accept-Encoding via 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront) x-amz-cf-id YfWuWBKusUgibNh_oVxmbEyBX6C2R4uEnC7F1icOgsWBm6UqTL2NYA== x-amz-cf-pop SIN2-P1 x-amz-version-id DQOg1_kyPY_kvsj6PY1Vb4lkt_z.UEMu x-cache Hit from cloudfront
GET H2	200	Portal.js Show response get.s-onetag.com/underground-sync-portal/ Frame 4B06	766 B 1 KB	4ms 4ms	Script text/javascript	13.33.33.104 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://get.s-onetag.com/underground-sync-portal/Portal.js Requested by Host: get.s-onetag.com URL: https://get.s-onetag.com/underground-sync-portal/Portal.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.33.33.104 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-33-33-104.sin2.r.cloudfront.net Software AmazonS3 / Resource Hash b0fe2ef3be2ee94968865b9c1f4a6df9047df6da9d6db098b14837964261183f Request headers accept-language zh-SG,zh;q=0.9 Referer https://get.s-onetag.com/underground-sync-portal/Portal.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-amz-version-id 5ewrcwpMVzqiX_oZ8oVk1PODvYSULwU5 date Sun, 19 Mar 2023 21:12:09 GMT via 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront) last-modified Mon, 24 Aug 2020 10:07:19 GMT server AmazonS3 x-amz-cf-pop SIN2-P1 age 693440 etag "145e495d0d92a3c8fd975bfe5485b72c" vary Accept-Encoding x-cache Hit from cloudfront content-type text/javascript cache-control max-age=864000 accept-ranges bytes content-length 766 x-amz-cf-id weMiN0sYe1iuPIv4atRk8LJ3QAcfsswLB3aP1R65RjgWJ-BAKtpzDA==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

i6.liadm.com

URL

https://i6.liadm.com/s/59074?bidder_id=204553&rnd=76656&bidder_uuid=GYe9BSZHXrkroLVYQqG89HDl

Domain

ce.lijit.com

URL

https://ce.lijit.com/merge?pid=2&3pid=F3A5470B4E2341E6920D17707306A812