apartamentoselcueto.com Open in urlscan Pro
164.138.209.44 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://apartamentoselcueto.com/Sparks/Xtra.html
Submission: On August 21 via manual (August 21st 2017, 2:40:21 am UTC) from AU

Summary HTTP 62 Redirects Links 96 Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 11 domains to perform 62 HTTP transactions. The main IP is 164.138.209.44, located in Spain and belongs to CYBERNETICOS, ES. The main domain is apartamentoselcueto.com.

This is the only time apartamentoselcueto.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Spark (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	164.138.209.44 164.138.209.44	198968 (CYBERNETICOS) (CYBERNETICOS)
8	67.43.0.210 67.43.0.210	32244 (LIQUID-WE...) (LIQUID-WEB-INC - Liquid Web)
15	146.171.248.36 146.171.248.36	2570 (TAS-SPARK...) (TAS-SPARK-NZ Spark New Zealand Trading Ltd)
1	2a00:1450:401... 2a00:1450:401b:800::2004	15169 (GOOGLE) (GOOGLE - Google Inc.)
3	52.211.153.242 52.211.153.242	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	66.235.148.73 66.235.148.73	15224 (OMNITURE) (OMNITURE - Adobe Systems Inc.)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
3	2a00:1450:400... 2a00:1450:4001:81c::200e	15169 (GOOGLE) (GOOGLE - Google Inc.)
1	52.84.118.149 52.84.118.149	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2a00:1450:401... 2a00:1450:401b:800::2003	15169 (GOOGLE) (GOOGLE - Google Inc.)
2	52.216.17.216 52.216.17.216	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
62	13

1 164.138.209.44 (Spain)

ASN198968 (CYBERNETICOS, ES)
PTR: miratel.cyberneticos.net

apartamentoselcueto.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 67.43.0.210 (Lansing, United States)

ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US)
PTR: host.fimedia.ca

www.claudiaschoices.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 146.171.248.36 (Auckland, New Zealand)

ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ)

www.spark.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401b:800::2004 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.211.153.242 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-211-153-242.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.235.148.73 (Lehi, United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
PTR: *.sc.omtrdc.net

analytics.spark.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81c::200e (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.118.149 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-84-118-149.iad16.r.cloudfront.net

dnn506yrbagrg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:401b:800::2003 (Ireland)

ASN15169 (GOOGLE - Google Inc., US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.17.216 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: s3-1-w.amazonaws.com

gtrk.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	spark.co.nz www.spark.co.nz analytics.spark.co.nz	741 KB
8	claudiaschoices.ca www.claudiaschoices.ca Failed	87 KB
3	google.de www.google.de	180 B
3	google-analytics.com www.google-analytics.com	29 KB
3	demdex.net dpm.demdex.net fast.sparknz.demdex.net Failed	331 B
2	amazonaws.com gtrk.s3.amazonaws.com	64 B
1	cloudfront.net dnn506yrbagrg.cloudfront.net	4 KB
1	gstatic.com www.gstatic.com	69 KB
1	googletagmanager.com www.googletagmanager.com	62 KB
1	google.com www.google.com	422 B
1	apartamentoselcueto.com apartamentoselcueto.com	108 B
62	11

	Domain	Requested by
15	www.spark.co.nz	www.claudiaschoices.ca www.spark.co.nz www.googletagmanager.com
8	www.claudiaschoices.ca	www.spark.co.nz www.claudiaschoices.ca
3	www.google.de	www.claudiaschoices.ca
3	www.google-analytics.com	www.claudiaschoices.ca www.google-analytics.com
3	dpm.demdex.net	www.claudiaschoices.ca
2	gtrk.s3.amazonaws.com	www.claudiaschoices.ca
1	dnn506yrbagrg.cloudfront.net	www.googletagmanager.com
1	www.gstatic.com	www.google.com
1	www.googletagmanager.com	www.claudiaschoices.ca
1	analytics.spark.co.nz	www.spark.co.nz
1	www.google.com	www.claudiaschoices.ca www.gstatic.com
1	apartamentoselcueto.com
0	fast.sparknz.demdex.net Failed	www.spark.co.nz
62	13

This site contains links to these domains. Also see Links.

Domain
www.spark.co.nz
www.sparkdigital.co.nz
www.sparknz.co.nz
www.sparkventures.co.nz
www.sparkfoundation.org.nz
search.spark.co.nz
www.facebook.com
twitter.com
www.youtube.com

Subject Issuer	Validity	Valid
*.google.com Google Internet Authority G2	`2017-08-08` - `2017-10-31`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G2	`2017-08-08` - `2017-10-31`	3 months	crt.sh
www.google.de Google Internet Authority G2	`2017-08-08` - `2017-10-31`	3 months	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2016-07-29` - `2017-11-29`	a year	crt.sh

This page contains 4 frames:

Frame: http://www.claudiaschoices.ca//Sparks/Xtra.html
Frame ID: 27138.1
Requests: 2 HTTP requests in this frame

Frame: http://www.claudiaschoices.ca//Sparks/Xtra.html
Frame ID: 27149.1
Requests: 58 HTTP requests in this frame

Frame: http://fast.sparknz.demdex.net/dest5.html?d_nsid=0
Frame ID: 27149.3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api/fallback?k=6Lc9MfkSAAAAAGH146kKWFcZS6ACWucEw1id3B0W&hl=en&v=r20170816175713&t=0&ff=true
Frame ID: 27149.4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

62
Requests

15 %
HTTPS

42 %
IPv6

11
Domains

13
Subdomains

13
IPs

4
Countries

994 kB
Transfer

3851 kB
Size

0
Cookies

96 Outgoing links

These are links going to different origins than the main page.

URL: http://www.spark.co.nz/home/
Title: Personal

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/business/
Title: Small Business

Search URL Search Domain Scan URL

URL: http://www.sparkdigital.co.nz/
Title: Medium and Enterprise Business

Search URL Search Domain Scan URL

URL: http://www.sparknz.co.nz/
Title: Spark New Zealand

Search URL Search Domain Scan URL

URL: http://www.sparkventures.co.nz/
Title: Spark Ventures

Search URL Search Domain Scan URL

URL: http://www.sparkfoundation.org.nz/
Title: Spark Foundation

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile-plans.html
Title: Mobile plans

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile-plans/paymonthly.html
Title: Pay Monthly

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile-plans/prepaid.html
Title: Prepaid

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile-plans/sharedplans.html
Title: Shared plans

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile-plans/mobilebroadband/plansandpricing.html
Title: Mobile Broadband Plans

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile.html
Title: Mobile phones

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile/phones.html
Title: All phones

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile/iphone-7.html
Title: iPhone 7

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile/samsung-galaxy-s8.html
Title: Samsung Galaxy S8

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile/mobilebroadbandandtablets/devices.html
Title: Tablets & Mobile Broadband

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/internet/
Title: Get broadband

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/internet/plans-and-pricing/
Title: Plans & pricing

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/internet/wirelessbroadband/
Title: Wireless broadband

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/internet/fibre-facts/
Title: Fibre facts

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/internet/bundleupbonus/
Title: Bundle up bonus

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/landline/
Title: Landline

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/landline/pricing/
Title: Pricing

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/landline/homephones/
Title: Home phones

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/landline/switchtospark/
Title: Switch to Spark

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/landline/payphones/
Title: Payphones

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/getmore/
Title: Get more

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/getmore/netflix/
Title: Netflix

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/getmore/lightbox/
Title: Lightbox

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/getmore/spotify/
Title: Spotify

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/fibre-help/
Title: Fibre help centre

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/fibre-help/fibre-guide/
Title: Fibre guide

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/myinternet/order-tracker/
Title: Fibre order tracker

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/outages/
Title: Outage information

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/fibre-help/fibre-installation-process/
Title: Installation process

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/mobile-data/
Title: Mobile & data

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/mobile-data/plans-services/mobile-roaming-information/
Title: Going overseas

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/mobile-data/getstarted/auto-pay-auto-top-up/
Title: Auto pay & Top up

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/mymobile/changeyourplan/
Title: Change my plan

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile-plans/extras/
Title: Add an extra

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/internet-email/
Title: Internet & email

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/internet-email/manage-email/
Title: Manage my email

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/internet-data/equipment
Title: Modem tips & tricks

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/internet-data/netflix-help/
Title: How to get Netflix

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/landline/
Title: Landline

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/landline/troubleshooting/landline-troubleshooting/
Title: Troubleshooting

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/myinternet/movinghouse/
Title: Moving house

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/landline/plans-services/calling-rates/local-calling-areas-and-area-codes/
Title: Calling codes national

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/landline/plans-services/calling-rates/international-calling-access-codes/
Title: Calling codes international

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/billing/
Title: Billing

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/billing/myspark/
Title: View previous bills

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/billing/understand/understand-my-spark-bill/
Title: Understand my bill

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/billing/manage/account-changes
Title: Account number

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/
Title: Helpful links

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/secure/myspark/usage/
Title: Check your usage

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/payabill/
Title: Pay my bill

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/mymobile/topup/online/
Title: Top Up

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/myinternet/testyourspeed/
Title: Internet speed test

Search URL Search Domain Scan URL

URL: http://search.spark.co.nz/search?site=spark_all_collection&client=spark_frontend&output=xml_no_dtd&proxystylesheet=spark_frontend&filter=1&q=
Title:

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark-mobile-menu-redirect
Title: MySpark

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/getmore
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/contactus
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/business/shop
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/business/work-smarter
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/business/myspark
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/business/help
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/business/contactus
Title: Visit

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/xtramail/
Title: Back

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/emailchanges
Title: Learn more about what's changed

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/xtramail/forgottenusername/
Title: Forgotten email address?

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/xtramail/forgottenpassword/
Title: Forgotten password?

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/xtramail/registration/
Title: Create your free email account now

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/
Title: Shop

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile-plans/
Title: Mobile plans

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/mobile/
Title: Mobile phones

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/for-home/
Title: Broadband

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/shop/latest-deals/
Title: Latest Deals

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/getmore/freewifi/
Title: Free WiFi

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/myinternet/premiumservices/email/
Title: Free email

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/thanks/
Title: Spark Thanks

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/
Title: MySpark

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/access/login/
Title: Sign In

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/register/
Title: Register

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/mymobile/sparkapp/
Title: Download App

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/mymobile/topup/
Title: Top Up

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/myspark/myinternet/checkyourusage/
Title: Check Usage

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/contactus/storefinder/
Title: Store finder

Search URL Search Domain Scan URL

URL: http://www.facebook.com/spark4nz

Search URL Search Domain Scan URL

URL: http://twitter.com/sparknz

Search URL Search Domain Scan URL

URL: http://www.youtube.com/user/sparknewzealand

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/other/websiteprivacypolicy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/other/legaldisclaimer/
Title: Legal disclaimer

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/other/accessibilities/
Title: Accessibility

Search URL Search Domain Scan URL

URL: http://www.spark.co.nz/help/other/terms/
Title: Terms and Conditions

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request 16

http://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6DE543A85589B08F7F000101%40AdobeOrg&d_nsid=0&ts=1503283213701
http://dpm.demdex.net/id/rd?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6DE543A85589B08F7F000101%40AdobeOrg&d_nsid=0&ts=1503283213701

Request 20

http://cm.everesttech.net/cm/dd?d_uuid=00214001410627530113358101352518573429
http://dpm.demdex.net/ibs:dpid=411&dpuuid=WZpIDwAAAewsL9VN

Request 40

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

Request 49

http://www.google-analytics.com/collect?v=1&_v=j59&a=1078029226&t=pageview&_s=1&dl=http%3A%2F%2Fwww.claudiaschoices.ca%2F%2FSparks%2FXtra.html&dr=http%3A%2F%2Fapartamentoselcueto.com%2FSparks%2FXtr...
https://www.google-analytics.com/collect?v=1&_v=j59&a=1078029226&t=pageview&_s=1&dl=http%3A%2F%2Fwww.claudiaschoices.ca%2F%2FSparks%2FXtra.html&dr=http%3A%2F%2Fapartamentoselcueto.com%2FSparks%2FXt...

Request 50

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1042049158.1503283216&jid=377581629&_v=j59&z=661313727
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1042049158.1503283216&jid=377581629&_v=j59&z=661313727&slf_rd=1&random=1419273831

Request 51

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-11&cid=1042049158.1503283216&jid=857846732&_v=j59&z=2140767360
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-11&cid=1042049158.1503283216&jid=857846732&_v=j59&z=2140767360&slf_rd=1&random=2864712619

Request 52

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1042049158.1503283216&jid=1003446848&_v=j59&z=2124576346
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1042049158.1503283216&jid=1003446848&_v=j59&z=2124576346&slf_rd=1&random=4182369174

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Xtra.html Show response
apartamentoselcueto.com/Sparks/ 92 B
108 B 251ms
63ms Document
text/html 164.138.209.44
CYBERNETICOS

General

Check archive.org

Show headers Download Go to

Full URL: http://apartamentoselcueto.com/Sparks/Xtra.html
Protocol: HTTP/1.1
Server: 164.138.209.44 , Spain, ASN198968 (CYBERNETICOS, ES),
Reverse DNS: miratel.cyberneticos.net
Software: Apache /
Resource Hash: 7853a06842ec6d91a6c1c3ebd58d51bafd9ec3cf578649aff614629b5aea0497

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:11 GMT
Content-Encoding: gzip
Last-Modified: Thu, 17 Aug 2017 13:31:54 GMT
Server: Apache
ETag: "5c-556f30930b46a-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/html
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=2, max=100
Content-Length: 108

GET Xtra.html
www.claudiaschoices.ca//Sparks/ 0
0

GET
H/1.1 200
OK Xtra.html Show response
www.claudiaschoices.ca//Sparks/ Frame 2714 87 KB
87 KB 518ms
128ms Document
text/html 67.43.0.210
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: http://www.claudiaschoices.ca//Sparks/Xtra.html
Protocol: HTTP/1.1
Server: 67.43.0.210 Lansing, United States, ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US),
Reverse DNS: host.fimedia.ca
Software: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4 /
Resource Hash: 2d678f042202d349548df91c4a608816230c10eb43b24e409d889aae2392658a

Request headers

Upgrade-Insecure-Requests: 1
Referer: http://apartamentoselcueto.com/Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:11 GMT
Last-Modified: Thu, 17 Aug 2017 13:13:11 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4
ETag: "5fd84f-15d24-556f2c63527c0"
Content-Type: text/html
Cache-Control: max-age=172800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 89380
Expires: Wed, 23 Aug 2017 02:40:11 GMT

GET
H/1.1 200
OK satelliteLib-8eaee8019dc88e433433f8408e5bff586c59ce41.js Show response
www.spark.co.nz/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/ Frame 2714 183 KB
42 KB 626ms
318ms Script
application/javascript 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/satelliteLib-8eaee8019dc88e433433f8408e5bff586c59ce41.js

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

f5e6c2edeb2b2268bb3d288ef77ef259d55560c4a99b04feeddf42331cfe1d63

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:12 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cnection: close
Accept-Ranges: bytes
Content-Length: 42826

GET
H/1.1 200
OK clientlib-responsive.css
www.spark.co.nz/etc/designs/spark-responsive/ Frame 2714 293 KB
39 KB 609ms
309ms Stylesheet
text/css 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive.css

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

f3af1b75a9a93913fcd2fe47b1d76439b644dd673a7a145232246f173d043d15

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:12 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
X-Cnection: close
Accept-Ranges: bytes
Content-Length: 39837

GET
H/1.1 200
OK clientlib-responsive2.css
www.spark.co.nz/etc/designs/spark-responsive/ Frame 2714 539 KB
72 KB 628ms
323ms Stylesheet
text/css 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive2.css

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

954185f0547dfbddd67362626dbf75eea4ef8062f978a9e547eb009623eed561

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:12 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
X-Cnection: close
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK clientlib-responsive.js Show response
www.spark.co.nz/etc/designs/spark-responsive/ Frame 2714 1 MB
291 KB 645ms
329ms Script
application/javascript 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive.js

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

8c45a8cd0231d698fdf1091c699209d933ccc45b5299f40993e0438d4de97feb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:12 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cnection: close
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK responsive-addon.css
www.spark.co.nz/content/dam/telecomcms/responsive/css/ Frame 2714 41 KB
6 KB 616ms
309ms Stylesheet
text/css 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/content/dam/telecomcms/responsive/css/responsive-addon.css

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

48fc2032a4f46dbe77bb60a2d7debe4add8e1b7a7ba8aee1af5835b2aeb09f44

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:12 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
X-Cnection: close
Accept-Ranges: bytes
Content-Length: 5739

GET
H/1.1 200
OK responsive-addon.js Show response
www.spark.co.nz/content/dam/telecomcms/responsive/js/ Frame 2714 6 KB
2 KB 1231ms
308ms Script
application/javascript 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/content/dam/telecomcms/responsive/js/responsive-addon.js

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

3907ffcb48ada3e2f17e229b7784de07e2817af407dc19819ccc9adecd463b71

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:12 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cnection: close
Accept-Ranges: bytes
Content-Length: 2391

GET
H/1.1 200
OK clientlib_xtramail.css
www.spark.co.nz/etc/designs/xtramail/ Frame 2714 44 KB
7 KB 616ms
309ms Stylesheet
text/css 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/etc/designs/xtramail/clientlib_xtramail.css

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

a518f77fcc3cc4dddca7f671f5b5863b8ca4c8052430a3b1dd04d57ce7730e2c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:12 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
X-Cnection: close
Accept-Ranges: bytes
Content-Length: 6944

GET
H/1.1 200
OK clientlib_xtramail.js Show response
www.spark.co.nz/etc/designs/xtramail/ Frame 2714 61 KB
12 KB 1233ms
310ms Script
application/javascript 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/etc/designs/xtramail/clientlib_xtramail.js

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

c4c539ab1f051aa6fc04c8d9eee0cebd275c9988835c5055a5a3950018ca9f9c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:12 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cnection: close
Accept-Ranges: bytes
Content-Length: 12706

GET
H/1.1 200
OK purple.svg
www.spark.co.nz/content/dam/sparkresponsive/logo/ Frame 2714 34 KB
34 KB 306ms
306ms Image
image/svg+xml 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.spark.co.nz/content/dam/sparkresponsive/logo/purple.svg

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

8cd0112b63387703de5702e3604c364adad1548f16f995fcc9c75ecef36f9119

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:14 GMT
X-Cnection: close
Server: Apache
Accept-Ranges: bytes
Content-Length: 34491
X-Frame-Options: SAMEORIGIN
Content-Type: image/svg+xml

GET
H/1.1 200
OK netflix-270x191.jpg
www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/ Frame 2714 9 KB
9 KB 312ms
312ms Image
image/jpeg 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/netflix-270x191.jpg

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

813dbceeb8f51dcd55ad07f7ef3d5e0ca3ca0ca94cf2b333d1143b5aa58c2d0a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:14 GMT
X-Cnection: close
Server: Apache
Accept-Ranges: bytes
Content-Length: 9187
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg

GET
H/1.1 200
OK lightbox-getmore-270x191.jpg
www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/ Frame 2714 18 KB
18 KB 307ms
307ms Image
image/jpeg 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/lightbox-getmore-270x191.jpg

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

b77be83b3130fe127c03ee3ec1dd9e34cf22210fbc50d1a934b2a55883639a16

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:15 GMT
X-Cnection: close
Server: Apache
Accept-Ranges: bytes
Content-Length: 18807
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg

GET
H/1.1 200
OK Spotify_270x191.jpg
www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/ Frame 2714 87 KB
87 KB 311ms
311ms Image
image/jpeg 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/Spotify_270x191.jpg

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

81d3c05fc8a724851257e91b7d177c9d1e39a10c16f8477e386b46ebc2f6d639

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:15 GMT
X-Cnection: close
Server: Apache
Accept-Ranges: bytes
Content-Length: 89112
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg

GET
H/1.1 200
OK WiFi_270x191.jpg
www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/ Frame 2714 61 KB
61 KB 316ms
316ms Image
image/jpeg 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.spark.co.nz/content/dam/telecomcms/responsive/images/more-for-you/WiFi_270x191.jpg

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

36383b062228c5b3510a1a0a59296cc22f7e722545038534c23b61c4d3b2d92b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:15 GMT
X-Cnection: close
Server: Apache
Accept-Ranges: bytes
Content-Length: 62804
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg

GET
H/1.1 200
OK api.js Show response
www.google.com/recaptcha/ Frame 2714 797 B
422 B 161ms
141ms Script
text/javascript 2a00:1450:401b:800::2004
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://www.google.com/recaptcha/api.js

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

2a00:1450:401b:800::2004 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

GSE /

Resource Hash

eb42ea0e87255e683600cc7f767b6418653193b566d88de70e53d98d49040805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:14 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: GSE
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=UTF-8
Cache-Control: private, max-age=300
Content-Length: 422
X-XSS-Protection: 1; mode=block
Expires: Mon, 21 Aug 2017 02:40:14 GMT

GET
H/1.1

302
Found

rd
dpm.demdex.net/id/ Frame 2714
Redirect Chain

http://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6DE543A85589B08F7F000101%40AdobeOrg&d_nsid=0&ts=1503283213701
http://dpm.demdex.net/id/rd?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6DE543A85589B08F7F000101%40AdobeOrg&d_nsid=0&ts=1503283213701

0
0

60ms
30ms

XHR

52.211.153.242
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/id/rd?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6DE543A85589B08F7F000101%40AdobeOrg&d_nsid=0&ts=1503283213701
Requested by: Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html
Protocol: HTTP/1.1
Server: 52.211.153.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-211-153-242.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 21 Aug 2017 02:40:13 GMT
Access-Control-Allow-Origin: http://www.claudiaschoices.ca
X-TID: sNtgDQmpTi8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: http://dpm.demdex.net/id/rd?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6DE543A85589B08F7F000101%40AdobeOrg&d_nsid=0&ts=1503283213701
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 2009 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 21 Aug 2017 02:40:13 GMT
Access-Control-Allow-Origin: http://www.claudiaschoices.ca
X-TID: sNtgDQmpTi8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: http://dpm.demdex.net/id/rd?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6DE543A85589B08F7F000101%40AdobeOrg&d_nsid=0&ts=1503283213701
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 2009 00:00:00 GMT

GET
H/1.1 404
Not Found mbox-contents-de1b4d06fbe09f4993942f6b4da51a3f2f53a2c9.js
www.claudiaschoices.ca/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/ Frame 2714 0
0 128ms
128ms Script
text/html 67.43.0.210
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: http://www.claudiaschoices.ca/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/mbox-contents-de1b4d06fbe09f4993942f6b4da51a3f2f53a2c9.js
Requested by: Host: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/satelliteLib-8eaee8019dc88e433433f8408e5bff586c59ce41.js
Protocol: HTTP/1.1
Server: 67.43.0.210 Lansing, United States, ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US),
Reverse DNS: host.fimedia.ca
Software: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4 /
Resource Hash

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:13 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=99
Content-Length: 442
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK rd Show response
dpm.demdex.net/id/ Frame 2714 336 B
289 B 33ms
32ms XHR
application/json 52.211.153.242
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://dpm.demdex.net/id/rd?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=6DE543A85589B08F7F000101%40AdobeOrg&d_nsid=0&ts=1503283213701
Requested by: Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html
Protocol: HTTP/1.1
Server: 52.211.153.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-211-153-242.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a173a6de10613db76df6faff2ea2319c5ab49524f3a03b22b05cd42b95acf484

Request headers

X-DevTools-Emulate-Network-Conditions-Client-Id: 5ceebc9b-8533-406b-9247-94d67cb161e2
Origin: http://www.claudiaschoices.ca
Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: irl1-prod-dcscanary-962acd00.edge-irl1.demdex.com 5.16.1.20170807121616 2ms
Pragma: no-cache
Date: Mon, 21 Aug 2017 02:40:13 GMT
Content-Encoding: gzip
X-TID: Pv+cqBmrSmc=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://www.claudiaschoices.ca
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=UTF-8
transfer-encoding: chunked
Expires: Thu, 01 Jan 2009 00:00:00 GMT

GET
H/1.1 200
OK id Show response
analytics.spark.co.nz/ Frame 2714 49 B
49 B 362ms
18ms XHR
application/x-javascript 66.235.148.73
Adobe Systems Inc.

General

Check archive.org

Show headers Download Go to

Full URL: http://analytics.spark.co.nz/id?d_visid_ver=2.3.0&d_fieldgroup=A&mcorgid=6DE543A85589B08F7F000101%40AdobeOrg&mid=00583987622298035643321722959253945770&ts=1503283213798
Requested by: Host: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/satelliteLib-8eaee8019dc88e433433f8408e5bff586c59ce41.js
Protocol: HTTP/1.1
Server: 66.235.148.73 Lehi, United States, ASN15224 (OMNITURE - Adobe Systems Inc., US),
Reverse DNS: *.sc.omtrdc.net
Software: Omniture DC/2.0.0 /
Resource Hash: 803d2e70bbdac77ada6c8fd9fbe6cbab3fa785c46bbc0624c40ae9130ea88bf0

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
Origin: http://www.claudiaschoices.ca
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Mon, 21 Aug 2017 02:40:14 GMT
Server: Omniture DC/2.0.0
xserver: www200
Vary: Origin
X-C: ms-5.4.0
P3P: CP="This is not a P3P policy"
Access-Control-Allow-Origin: http://www.claudiaschoices.ca
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/x-javascript
Keep-Alive: timeout=15
Content-Length: 49

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=WZpIDwAAAewsL9VN
dpm.demdex.net/ Frame 2714
Redirect Chain

http://cm.everesttech.net/cm/dd?d_uuid=00214001410627530113358101352518573429
http://dpm.demdex.net/ibs:dpid=411&dpuuid=WZpIDwAAAewsL9VN

42 B
42 B

33ms
33ms

Image
image/gif

52.211.153.242
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://dpm.demdex.net/ibs:dpid=411&dpuuid=WZpIDwAAAewsL9VN
Requested by: Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html
Protocol: HTTP/1.1
Server: 52.211.153.242 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-211-153-242.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

DCS: irl1-prod-dcs-e1b97a21.edge-irl1.demdex.com 5.16.1.20170807121616 2ms
Pragma: no-cache
Date: Mon, 21 Aug 2017 02:40:15 GMT
X-TID: MZx8McueTXk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 2009 00:00:00 GMT

Redirect headers

Date: Mon, 21 Aug 2017 02:40:15 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: http://dpm.demdex.net/ibs:dpid=411&dpuuid=WZpIDwAAAewsL9VN
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET 1e9892c0-6927-4412-9874-1b82801ba47a.woff
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 2714 0
0

GET
H/1.1 200
OK gtm.js Show response
www.googletagmanager.com/ Frame 2714 267 KB
62 KB 24ms
18ms Script
application/javascript 2a00:1450:4001:81c::2008
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

http://www.googletagmanager.com/gtm.js?id=GTM-WT5NVL

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2008 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

67176dd0557153671db848b2b7f4bf23553556aeb9c7d9ff99cd53afac7b9edb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:15 GMT
Content-Encoding: gzip
Server: Google Tag Manager (scaffolding)
Vary: Accept-Encoding
Content-Type: application/javascript; charset=UTF-8
Access-Control-Allow-Origin: http://www.googletagmanager.com
Cache-Control: private, max-age=900
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
Content-Length: 63873
X-XSS-Protection: 1; mode=block
Expires: Mon, 21 Aug 2017 02:40:15 GMT

GET dest5.html
fast.sparknz.demdex.net/ Frame 2714 0
0

GET b8e906a1-f5e8-4bf1-8e80-82c646ca4d5f.woff
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 2714 0
0

GET 91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 2714 0
0

GET spark-icon-family.woff
www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/ Frame 2714 0
0

GET
S 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/api2/r20170816175713/ Frame 2714 216 KB
69 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:81c::2003
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/api2/r20170816175713/recaptcha__en.js

Requested by

Host: www.google.com
URL: http://www.google.com/recaptcha/api.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81c::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

sffe /

Resource Hash

7ab96c4fe5e8b79c66b0eba176deb67479cd313b1d1dc412991a959bfae73e19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Sun, 20 Aug 2017 23:28:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Aug 2017 01:15:00 GMT
server: sffe
age: 11499
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 70738
x-xss-protection: 1; mode=block
expires: Mon, 20 Aug 2018 23:28:36 GMT

GET
H/1.1 404
Not Found dil-contents-55e57c2ad764d9c482f4c3a29190cdaf9cf5b715.js
www.claudiaschoices.ca/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/ Frame 2714 0
0 131ms
130ms Script
text/html 67.43.0.210
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: http://www.claudiaschoices.ca/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/dil-contents-55e57c2ad764d9c482f4c3a29190cdaf9cf5b715.js
Requested by: Host: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/satelliteLib-8eaee8019dc88e433433f8408e5bff586c59ce41.js
Protocol: HTTP/1.1
Server: 67.43.0.210 Lansing, United States, ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US),
Reverse DNS: host.fimedia.ca
Software: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4 /
Resource Hash

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:15 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=98
Content-Length: 441
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found s-code-contents-f6fa8cd17baf6aa7489d584dc9710bff2a2f442d.js
www.claudiaschoices.ca/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/ Frame 2714 0
0 260ms
131ms Script
text/html 67.43.0.210
Liquid Web

General

Check archive.org

Show headers Download Go to

Full URL: http://www.claudiaschoices.ca/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/s-code-contents-f6fa8cd17baf6aa7489d584dc9710bff2a2f442d.js
Requested by: Host: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/telecomcms/dtm/a1e74defba8420ac0e0d82257c2eca7b9090cdf3/satelliteLib-8eaee8019dc88e433433f8408e5bff586c59ce41.js
Protocol: HTTP/1.1
Server: 67.43.0.210 Lansing, United States, ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US),
Reverse DNS: host.fimedia.ca
Software: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4 /
Resource Hash

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:15 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 444
Content-Type: text/html; charset=iso-8859-1

GET f26faddb-86cc-4477-a253-1e1287684336.woff
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 2714 0
0

GET utilityicon.woff
www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/ Frame 2714 0
0

GET
H/1.1 200
OK checkradio.png
www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive/images/sprite/ Frame 2714 11 KB
11 KB 309ms
308ms Image
image/png 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive/images/sprite/checkradio.png

Requested by

Host: www.spark.co.nz
URL: http://www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive.js

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

dc92aebdca82a16fa8cd624e4761e96fd754cb8bfbcd0b51f51f66028393c04b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive2.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:15 GMT
X-Cnection: close
Server: Apache
Accept-Ranges: bytes
Content-Length: 11471
X-Frame-Options: SAMEORIGIN
Content-Type: image/png

GET
H/1.1 404
Not Found loadingIcon_desktop.gif
www.claudiaschoices.ca/content/dam/telecomcms/responsive/images/shop/internet/fibre-speed/ Frame 2714 407 B
0 260ms
131ms Image
text/html 67.43.0.210
Liquid Web

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.claudiaschoices.ca/content/dam/telecomcms/responsive/images/shop/internet/fibre-speed/loadingIcon_desktop.gif
Requested by: Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html
Protocol: HTTP/1.1
Server: 67.43.0.210 Lansing, United States, ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US),
Reverse DNS: host.fimedia.ca
Software: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4 /
Resource Hash: 3aa8bf9990b3a0a0cf3704a912202a81941c7e229091d6d2f3e3af642723864a

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:15 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 407
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found extras.png
www.claudiaschoices.ca/content/dam/telecomcms/cart/ Frame 2714 355 B
0 260ms
131ms Image
text/html 67.43.0.210
Liquid Web

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.claudiaschoices.ca/content/dam/telecomcms/cart/extras.png
Requested by: Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html
Protocol: HTTP/1.1
Server: 67.43.0.210 Lansing, United States, ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US),
Reverse DNS: host.fimedia.ca
Software: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4 /
Resource Hash: 7f2b98b0060e6424174bc76cc9651925c9fb7b6f974859f1d0580300390f7a1b

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:15 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 355
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found accessory.png
www.claudiaschoices.ca/content/dam/telecomcms/cart/ Frame 2714 358 B
0 261ms
132ms Image
text/html 67.43.0.210
Liquid Web

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.claudiaschoices.ca/content/dam/telecomcms/cart/accessory.png
Requested by: Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html
Protocol: HTTP/1.1
Server: 67.43.0.210 Lansing, United States, ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US),
Reverse DNS: host.fimedia.ca
Software: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4 /
Resource Hash: 68c3e7fd1f84e428c5d3c76e4f2810a61a3d1b9104c7887dfc0d6f0cb21aecda

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:15 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 358
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found gift.png
www.claudiaschoices.ca/content/dam/telecomcms/cart/ Frame 2714 353 B
0 261ms
132ms Image
text/html 67.43.0.210
Liquid Web

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.claudiaschoices.ca/content/dam/telecomcms/cart/gift.png
Requested by: Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html
Protocol: HTTP/1.1
Server: 67.43.0.210 Lansing, United States, ASN32244 (LIQUID-WEB-INC - Liquid Web, L.L.C, US),
Reverse DNS: host.fimedia.ca
Software: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4 /
Resource Hash: 80172f8b86b8002b0e6f6fbd0508b38183965501d3b493e5a6aa343aed33928d

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:15 GMT
Server: Apache/2.2.26 (Unix) mod_ssl/2.2.26 OpenSSL/1.0.1e-fips DAV/2 mod_bwlimited/1.4
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 353
Content-Type: text/html; charset=iso-8859-1

GET 46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 2714 0
0

GET 890bd988-5306-43ff-bd4b-922bc5ebdeb4.ttf
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 2714 0
0

GET a0f4c2f9-8a42-4786-ad00-fce42b57b148.ttf
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 2714 0
0

GET
S

200

analytics.js Show response
www.google-analytics.com/ Frame 2714
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

32 KB
13 KB

6ms
6ms

Script
text/javascript

2a00:1450:4001:81c::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

05543bbe521e84ec1484cf2b874042d564195eb35989edf69906d4acaee528cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Aug 2017 14:40:11 GMT
server: Golfe2
age: 5110
date: Mon, 21 Aug 2017 01:15:05 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 13442
expires: Mon, 21 Aug 2017 03:15:05 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS

GET
H/1.1 200
OK 6377.js Show response
dnn506yrbagrg.cloudfront.net/pages/scripts/0046/ Frame 2714 12 KB
4 KB 215ms
110ms Script
application/x-javascript 52.84.118.149
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: http://dnn506yrbagrg.cloudfront.net/pages/scripts/0046/6377.js?417578
Requested by: Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-WT5NVL
Protocol: HTTP/1.1
Server: 52.84.118.149 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-84-118-149.iad16.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 92a53a0bb3c4d35ec2ca93356858ae693f61367cc01d36e2e5a8b1d3b1f6686d

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Wed, 16 Aug 2017 23:49:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Aug 2017 23:46:44 GMT
Server: AmazonS3
Age: 3001
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 3f664d29b735d0f07574fc4382fb0221.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Connection: keep-alive
X-Amz-Cf-Id: 4sNGCCAgbDqOK6pIqQXiHUO7PfB-a8xY5KpH0LzMnyi87MsigRLVgw==

GET
H/1.1 200
OK gwc-default.css
www.spark.co.nz/content/dam/kb/public/css/ Frame 2714 358 KB
50 KB 330ms
330ms Stylesheet
text/css 146.171.248.36
TAS-SPARK-NZ Spar...

General

Check archive.org

Show headers Download Go to

Full URL

http://www.spark.co.nz/content/dam/kb/public/css/gwc-default.css

Requested by

Host: www.googletagmanager.com
URL: http://www.googletagmanager.com/gtm.js?id=GTM-WT5NVL

Protocol

HTTP/1.1

Server

146.171.248.36 Auckland, New Zealand, ASN2570 (TAS-SPARK-NZ Spark New Zealand Trading Ltd, NZ),

Reverse DNS

Software

Apache /

Resource Hash

c09f4b70b55848fbc97ff074f0b636f6f830b7f5c8635085b58e40b977cdee0a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:15 GMT
Content-Encoding: gzip
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Content-Type: text/css
X-Cnection: close
Accept-Ranges: bytes
Content-Length: 51593

GET gwc-env.js
www.spark.co.nz/content/dam/kb/public/libs/ Frame 2714 0
0

GET fallback
www.google.com/recaptcha/api/ Frame 2714 0
0

GET spark-icon-family.ttf
www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/ Frame 2714 0
0

GET 63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf
www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/ Frame 2714 0
0

GET utilityicon.ttf
www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/ Frame 2714 0
0

GET
S 200 js Show response
www.google-analytics.com/gtm/ Frame 2714 41 KB
16 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:81c::200e
Google Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-PJHP8WD&t=gtm1&cid=1042049158.1503283216

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Google Tag Manager (scaffolding) /

Resource Hash

b950bc02a9bebe4007fb05ed669145b3c445f9c9c05c38e02a9f70ec1cc7c22b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

date: Mon, 21 Aug 2017 02:40:15 GMT
content-encoding: gzip
server: Google Tag Manager (scaffolding)
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 16247
x-xss-protection: 1; mode=block
expires: Mon, 21 Aug 2017 02:40:15 GMT

GET
S

200

collect
www.google-analytics.com/ Frame 2714
Redirect Chain

http://www.google-analytics.com/collect?v=1&_v=j59&a=1078029226&t=pageview&_s=1&dl=http%3A%2F%2Fwww.claudiaschoices.ca%2F%2FSparks%2FXtra.html&dr=http%3A%2F%2Fapartamentoselcueto.com%2FSparks%2FXtr...
https://www.google-analytics.com/collect?v=1&_v=j59&a=1078029226&t=pageview&_s=1&dl=http%3A%2F%2Fwww.claudiaschoices.ca%2F%2FSparks%2FXtra.html&dr=http%3A%2F%2Fapartamentoselcueto.com%2FSparks%2FXt...

35 B
44 B

6ms
6ms

Image
image/gif

2a00:1450:4001:81c::200e
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j59&a=1078029226&t=pageview&_s=1&dl=http%3A%2F%2Fwww.claudiaschoices.ca%2F%2FSparks%2FXtra.html&dr=http%3A%2F%2Fapartamentoselcueto.com%2FSparks%2FXtra.html&ul=en-us&de=UTF-8&dt=Spark%20Email&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEADQ~&jid=377581629&gjid=1583115945&cid=1042049158.1503283216&tid=UA-48213762-2&_gid=902824943.1503283216&gtm=GTM-WT5NVL&cd13=%2F%2FSparks%2FXtra.html&cd17=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&z=1266550284

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Aug 2017 18:57:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 286963
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://www.google-analytics.com/collect?v=1&_v=j59&a=1078029226&t=pageview&_s=1&dl=http%3A%2F%2Fwww.claudiaschoices.ca%2F%2FSparks%2FXtra.html&dr=http%3A%2F%2Fapartamentoselcueto.com%2FSparks%2FXtra.html&ul=en-us&de=UTF-8&dt=Spark%20Email&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=aGDAgEADQ~&jid=377581629&gjid=1583115945&cid=1042049158.1503283216&tid=UA-48213762-2&_gid=902824943.1503283216&gtm=GTM-WT5NVL&cd13=%2F%2FSparks%2FXtra.html&cd17=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855&z=1266550284
Non-Authoritative-Reason: HSTS

GET
S

200

ga-audiences
www.google.de/ads/ Frame 2714
Redirect Chain

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1042049158.1503283216&jid=377581629&_v=j59&z=661313727
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1042049158.1503283216&jid=377581629&_v=j59&z=661313727&slf_rd=1&random=1419273831

42 B
60 B

103ms
41ms

Image
image/gif

2a00:1450:401b:800::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1042049158.1503283216&jid=377581629&_v=j59&z=661313727&slf_rd=1&random=1419273831

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:800::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2017 02:40:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2017 02:40:15 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1042049158.1503283216&jid=377581629&_v=j59&z=661313727&slf_rd=1&random=1419273831
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

ga-audiences
www.google.de/ads/ Frame 2714
Redirect Chain

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-11&cid=1042049158.1503283216&jid=857846732&_v=j59&z=2140767360
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-11&cid=1042049158.1503283216&jid=857846732&_v=j59&z=2140767360&slf_rd=1&random=2864712619

42 B
60 B

104ms
42ms

Image
image/gif

2a00:1450:401b:800::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-11&cid=1042049158.1503283216&jid=857846732&_v=j59&z=2140767360&slf_rd=1&random=2864712619

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:800::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2017 02:40:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2017 02:40:15 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-11&cid=1042049158.1503283216&jid=857846732&_v=j59&z=2140767360&slf_rd=1&random=2864712619
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
S

200

ga-audiences
www.google.de/ads/ Frame 2714
Redirect Chain

https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1042049158.1503283216&jid=1003446848&_v=j59&z=2124576346
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1042049158.1503283216&jid=1003446848&_v=j59&z=2124576346&slf_rd=1&random=4182369174

42 B
60 B

104ms
42ms

Image
image/gif

2a00:1450:401b:800::2003
Google Inc.

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1042049158.1503283216&jid=1003446848&_v=j59&z=2124576346&slf_rd=1&random=4182369174

Requested by

Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Protocol

SPDY

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:401b:800::2003 , Ireland, ASN15169 (GOOGLE - Google Inc., US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 21 Aug 2017 02:40:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 21 Aug 2017 02:40:15 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-48213762-2&cid=1042049158.1503283216&jid=1003446848&_v=j59&z=2124576346&slf_rd=1&random=4182369174
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="39,38,37,35"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK s
gtrk.s3.amazonaws.com/ Frame 2714 32 B
32 B 396ms
98ms Image
image/gif 52.216.17.216
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrk.s3.amazonaws.com/s?u=466377&t=ov0kr3
Requested by: Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.216 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:17 GMT
Last-Modified: Tue, 09 Feb 2016 23:57:19 GMT
Server: AmazonS3
x-amz-request-id: 0D8B194B77192F3F
ETag: "776f5f447e5e03b50f3bc4d4ec78daaa"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 32
x-amz-id-2: aw3FBx72EgumtKVdjdxnTu5CJWjOHQsmAWHPgNi8ktqGYGg1oKK51PbN6nsMHxDy5Wk56h2FZ1A=

GET
H/1.1 200
OK u
gtrk.s3.amazonaws.com/ Frame 2714 32 B
32 B 407ms
110ms Image
image/gif 52.216.17.216
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gtrk.s3.amazonaws.com/u?u=466377&t=ov0kr3
Requested by: Host: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.17.216 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1

Request headers

Referer: http://www.claudiaschoices.ca//Sparks/Xtra.html
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/60.0.3112.90 Safari/537.36

Response headers

Date: Mon, 21 Aug 2017 02:40:17 GMT
Last-Modified: Tue, 09 Feb 2016 23:57:32 GMT
Server: AmazonS3
x-amz-request-id: 4A966F2CA37DF2EE
ETag: "776f5f447e5e03b50f3bc4d4ec78daaa"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 32
x-amz-id-2: 3BXg0rKNaBaA3mjkRFwl3BsNBQEYzALTP2h35x7+24TDwUb5gtQedtyak/nVVQjdMmP/KEhC6S4=

GET f26faddb-86cc-4477-a253-1e1287684336.woff
www.spark.co.nz/content/dam/kb/public/font/avenir/ Frame 2714 0
0

GET spark-icon-family.woff
www.spark.co.nz/content/dam/kb/public/font/spark-icons/ Frame 2714 0
0

GET 91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff
www.spark.co.nz/content/dam/kb/public/font/avenir/ Frame 2714 0
0

GET utilityicon.woff
www.spark.co.nz/content/dam/kb/public/font/fontello/ Frame 2714 0
0

GET b8e906a1-f5e8-4bf1-8e80-82c646ca4d5f.woff
www.spark.co.nz/content/dam/kb/public/font/avenir/ Frame 2714 0
0

GET 1e9892c0-6927-4412-9874-1b82801ba47a.woff
www.spark.co.nz/content/dam/kb/public/font/avenir/ Frame 2714 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.claudiaschoices.ca
URL: http://www.claudiaschoices.ca//Sparks/Xtra.html

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/1e9892c0-6927-4412-9874-1b82801ba47a.woff

Domain: fast.sparknz.demdex.net
URL: http://fast.sparknz.demdex.net/dest5.html?d_nsid=0

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/b8e906a1-f5e8-4bf1-8e80-82c646ca4d5f.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/spark-icon-family.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/f26faddb-86cc-4477-a253-1e1287684336.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/utilityicon.woff?

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/46cf1067-688d-4aab-b0f7-bd942af6efd8.ttf

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/890bd988-5306-43ff-bd4b-922bc5ebdeb4.ttf

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/a0f4c2f9-8a42-4786-ad00-fce42b57b148.ttf

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/kb/public/libs/gwc-env.js

Domain: www.google.com
URL: https://www.google.com/recaptcha/api/fallback?k=6Lc9MfkSAAAAAGH146kKWFcZS6ACWucEw1id3B0W&hl=en&v=r20170816175713&t=0&ff=true

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/spark-icon-family.ttf

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Avenir/63a74598-733c-4d0c-bd91-b01bffcd6e69.ttf

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/sparkresponsive/font/Fontello/utilityicon.ttf?

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/kb/public/font/avenir/f26faddb-86cc-4477-a253-1e1287684336.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/kb/public/font/spark-icons/spark-icon-family.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/kb/public/font/avenir/91b50bbb-9aa1-4d54-9159-ec6f19d14a7c.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/kb/public/font/fontello/utilityicon.woff?

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/kb/public/font/avenir/b8e906a1-f5e8-4bf1-8e80-82c646ca4d5f.woff

Domain: www.spark.co.nz
URL: http://www.spark.co.nz/content/dam/kb/public/font/avenir/1e9892c0-6927-4412-9874-1b82801ba47a.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Spark (Telecommunication)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: http://www.spark.co.nz/etc/designs/spark-responsive/clientlib-responsive.js(Line 15074) Message: JQMIGRATE: Logging is active

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.spark.co.nz
apartamentoselcueto.com
dnn506yrbagrg.cloudfront.net
dpm.demdex.net
fast.sparknz.demdex.net
gtrk.s3.amazonaws.com
www.claudiaschoices.ca
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.spark.co.nz
fast.sparknz.demdex.net
www.claudiaschoices.ca
www.google.com
www.spark.co.nz
146.171.248.36
164.138.209.44
2a00:1450:4001:81c::2003
2a00:1450:4001:81c::2008
2a00:1450:4001:81c::200e
2a00:1450:401b:800::2003
2a00:1450:401b:800::2004
52.211.153.242
52.216.17.216
52.84.118.149
66.235.148.73
67.43.0.210
05543bbe521e84ec1484cf2b874042d564195eb35989edf69906d4acaee528cb
2d678f042202d349548df91c4a608816230c10eb43b24e409d889aae2392658a
36383b062228c5b3510a1a0a59296cc22f7e722545038534c23b61c4d3b2d92b
3907ffcb48ada3e2f17e229b7784de07e2817af407dc19819ccc9adecd463b71
3aa8bf9990b3a0a0cf3704a912202a81941c7e229091d6d2f3e3af642723864a
48fc2032a4f46dbe77bb60a2d7debe4add8e1b7a7ba8aee1af5835b2aeb09f44
67176dd0557153671db848b2b7f4bf23553556aeb9c7d9ff99cd53afac7b9edb
68c3e7fd1f84e428c5d3c76e4f2810a61a3d1b9104c7887dfc0d6f0cb21aecda
7853a06842ec6d91a6c1c3ebd58d51bafd9ec3cf578649aff614629b5aea0497
7ab96c4fe5e8b79c66b0eba176deb67479cd313b1d1dc412991a959bfae73e19
7f2b98b0060e6424174bc76cc9651925c9fb7b6f974859f1d0580300390f7a1b
80172f8b86b8002b0e6f6fbd0508b38183965501d3b493e5a6aa343aed33928d
803d2e70bbdac77ada6c8fd9fbe6cbab3fa785c46bbc0624c40ae9130ea88bf0
813dbceeb8f51dcd55ad07f7ef3d5e0ca3ca0ca94cf2b333d1143b5aa58c2d0a
81d3c05fc8a724851257e91b7d177c9d1e39a10c16f8477e386b46ebc2f6d639
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
853b983923a033223e4f391790e6e86619b31d542b40e7e1e8221fb0d6957ab1
8c45a8cd0231d698fdf1091c699209d933ccc45b5299f40993e0438d4de97feb
8cd0112b63387703de5702e3604c364adad1548f16f995fcc9c75ecef36f9119
92a53a0bb3c4d35ec2ca93356858ae693f61367cc01d36e2e5a8b1d3b1f6686d
954185f0547dfbddd67362626dbf75eea4ef8062f978a9e547eb009623eed561
a173a6de10613db76df6faff2ea2319c5ab49524f3a03b22b05cd42b95acf484
a518f77fcc3cc4dddca7f671f5b5863b8ca4c8052430a3b1dd04d57ce7730e2c
b77be83b3130fe127c03ee3ec1dd9e34cf22210fbc50d1a934b2a55883639a16
b950bc02a9bebe4007fb05ed669145b3c445f9c9c05c38e02a9f70ec1cc7c22b
c09f4b70b55848fbc97ff074f0b636f6f830b7f5c8635085b58e40b977cdee0a
c4c539ab1f051aa6fc04c8d9eee0cebd275c9988835c5055a5a3950018ca9f9c
dc92aebdca82a16fa8cd624e4761e96fd754cb8bfbcd0b51f51f66028393c04b
eb42ea0e87255e683600cc7f767b6418653193b566d88de70e53d98d49040805
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3af1b75a9a93913fcd2fe47b1d76439b644dd673a7a145232246f173d043d15
f5e6c2edeb2b2268bb3d288ef77ef259d55560c4a99b04feeddf42331cfe1d63

apartamentoselcueto.com Open in urlscan Pro 164.138.209.44 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

62 Requests

15 %HTTPS

42 %IPv6

11 Domains

13 Subdomains

13 IPs

4 Countries

994 kBTransfer

3851 kBSize

0 Cookies

96 Outgoing links

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

apartamentoselcueto.com Open in urlscan Pro
164.138.209.44 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

15 %
HTTPS

42 %
IPv6

11
Domains

13
Subdomains

13
IPs

4
Countries

994 kB
Transfer

3851 kB
Size

0
Cookies

62 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!