urlscan.io logo urlscan.io
SecurityTrails logo

businessdesk.co.nz Open in urlscan Pro
104.18.13.105  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://email.mail.businessdesk.co.nz/c/eJxtjrtuxSAQBb_GNEiI5WHsgiJNyvwDZnGM7AtXLBFJvj6O0kY63UgzJ3mYnYJVWW0YelCzSSvLXkmlQKlFgrUaRNg3CR...
Effective URL: https://businessdesk.co.nz/login
Submission: On February 08 via api from NZ — Scanned from NZ
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 55 IPs in 4 countries across 34 domains to perform 176 HTTP transactions. The main IP is 104.18.13.105, located in and belongs to CLOUDFLARENET, US. The main domain is businessdesk.co.nz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 16th 2022. Valid for: a year.
This is the only time businessdesk.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 34.86.85.56 396982 (GOOGLE-CL...)
2 3 104.18.13.105 13335 (CLOUDFLAR...)
2 142.251.12.95 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
23 104.18.12.105 13335 (CLOUDFLAR...)
3 8 172.217.194.154 15169 (GOOGLE)
1 172.67.71.218 13335 (CLOUDFLAR...)
3 74.125.68.113 15169 (GOOGLE)
4 74.125.24.84 15169 (GOOGLE)
1 172.253.118.100 15169 (GOOGLE)
1 104.16.56.101 13335 (CLOUDFLAR...)
5 142.250.4.97 15169 (GOOGLE)
3 172.217.194.94 15169 (GOOGLE)
3 142.251.10.154 15169 (GOOGLE)
2 74.125.130.95 15169 (GOOGLE)
2 74.125.68.95 15169 (GOOGLE)
1 142.251.12.141 15169 (GOOGLE)
1 142.250.4.94 15169 (GOOGLE)
1 142.250.4.154 15169 (GOOGLE)
3 142.250.4.156 15169 (GOOGLE)
2 142.250.4.132 15169 (GOOGLE)
6 172.217.194.113 15169 (GOOGLE)
1 2 74.125.24.149 15169 (GOOGLE)
1 23.45.116.82 20940 (AKAMAI-ASN1)
1 2 74.125.24.148 15169 (GOOGLE)
5 13.227.254.18 16509 (AMAZON-02)
3 157.240.13.19 32934 (FACEBOOK)
1 199.232.44.157 54113 (FASTLY)
3 8 34.111.234.236 396982 (GOOGLE-CL...)
1 34.110.169.10 396982 (GOOGLE-CL...)
1 216.239.38.181 15169 (GOOGLE)
15 172.253.118.155 15169 (GOOGLE)
2 74.125.24.94 15169 (GOOGLE)
5 172.217.194.132 15169 (GOOGLE)
1 52.43.194.186 16509 (AMAZON-02)
1 3 13.35.8.118 16509 (AMAZON-02)
1 13.35.8.26 16509 (AMAZON-02)
3 4 108.174.10.20 14413 (LINKEDIN)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.67 13414 (TWITTER)
3 5 139.5.84.243 27381 (CASALE-MEDIA)
3 4 104.254.151.68 29990 (ASN-APPNEX)
1 2 52.89.238.92 16509 (AMAZON-02)
2 2 15.197.193.217 16509 (AMAZON-02)
2 2 18.136.33.92 16509 (AMAZON-02)
2 3 18.141.80.142 16509 (AMAZON-02)
2 172.253.118.104 15169 (GOOGLE)
2 74.125.24.156 15169 (GOOGLE)
3 151.101.66.133 54113 (FASTLY)
2 104.103.151.89 16625 (AKAMAI-AS)
30 184.25.220.49 16625 (AKAMAI-AS)
4 157.240.13.35 32934 (FACEBOOK)
2 52.35.196.159 16509 (AMAZON-02)
2 3.0.242.200 16509 (AMAZON-02)
1 54.192.150.79 16509 (AMAZON-02)
2 34.192.158.26 ()
2 142.251.12.100 ()
176 55
1    34.86.85.56 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 56.85.86.34.bc.googleusercontent.com
email.mail.businessdesk.co.nz
3    104.18.13.105 (None, )

ASN13335 (CLOUDFLARENET, US)
www.businessdesk.co.nz
businessdesk.co.nz
2    142.251.12.95 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f95.1e100.net
fonts.googleapis.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
23    104.18.12.105 (None, )

ASN13335 (CLOUDFLARENET, US)
businessdesk.co.nz
8    172.217.194.154 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f154.1e100.net
www.googletagservices.com
googleads.g.doubleclick.net
cm.g.doubleclick.net
1    172.67.71.218 (United States)

ASN13335 (CLOUDFLARENET, US)
nzme-ads.co.nz
3    74.125.68.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f113.1e100.net
news.google.com
4    74.125.24.84 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f84.1e100.net
accounts.google.com
1    172.253.118.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f100.1e100.net
www.googleoptimize.com
1    104.16.56.101 (None, )

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
5    142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net
www.googletagmanager.com
3    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
www.gstatic.com
3    142.251.10.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f154.1e100.net
securepubads.g.doubleclick.net
2    74.125.130.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f95.1e100.net
firebase.googleapis.com
2    74.125.68.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f95.1e100.net
firebaseinstallations.googleapis.com
1    142.251.12.141 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f141.1e100.net
csp.withgoogle.com
1    142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net
fonts.gstatic.com
1    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
adservice.google.co.nz
3    142.250.4.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f156.1e100.net
adservice.google.com
2    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
6    172.217.194.113 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f113.1e100.net
www.google-analytics.com
2    74.125.24.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f149.1e100.net
9751041.fls.doubleclick.net
1    23.45.116.82 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-45-116-82.deploy.static.akamaitechnologies.com
snap.licdn.com
2    74.125.24.148 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f148.1e100.net
10888750.fls.doubleclick.net
5    13.227.254.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-18.sin52.r.cloudfront.net
cdn-gl.imrworldwide.com
3    157.240.13.19 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-sin6.fbcdn.net
connect.facebook.net
1    199.232.44.157 (Singapore)

ASN54113 (FASTLY, US)
static.ads-twitter.com
8    34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com
ml314.com
1    34.110.169.10 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 10.169.110.34.bc.googleusercontent.com
karma-tracker.nzmedata.co.nz
1    216.239.38.181 (United States)

ASN15169 (GOOGLE, US)
analytics.google.com
15    172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net
stats.g.doubleclick.net
pagead2.googlesyndication.com
2    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
www.google.co.nz
5    172.217.194.132 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f132.1e100.net
tpc.googlesyndication.com
1    52.43.194.186 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-194-186.us-west-2.compute.amazonaws.com
in.ml314.com
3    13.35.8.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-118.sin5.r.cloudfront.net
secure-gl.imrworldwide.com
1    13.35.8.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-8-26.sin5.r.cloudfront.net
cdn.linkedin.oribi.io
4    108.174.10.20 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-20.fwd.linkedin.com
px.ads.linkedin.com
www.linkedin.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
5    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
4    104.254.151.68 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
2    52.89.238.92 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-238-92.us-west-2.compute.amazonaws.com
dpm.demdex.net
2    15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    18.136.33.92 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-136-33-92.ap-southeast-1.compute.amazonaws.com
sync.crwdcntrl.net
3    18.141.80.142 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com
ps.eyeota.net
2    172.253.118.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f104.1e100.net
www.google.com
2    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
googleads4.g.doubleclick.net
3    151.101.66.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
consumer.krxd.net
2    104.103.151.89 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-103-151-89.deploy.static.akamaitechnologies.com
servedby.flashtalking.com
30    184.25.220.49 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-220-49.deploy.static.akamaitechnologies.com
cdn.flashtalking.com
img.flashtalking.com
4    157.240.13.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-sin6.facebook.com
www.facebook.com
2    52.35.196.159 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-196-159.us-west-2.compute.amazonaws.com
beacon.krxd.net
2    3.0.242.200 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-0-242-200.ap-southeast-1.compute.amazonaws.com
secure-dcr.imrworldwide.com
1    54.192.150.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-79.sin2.r.cloudfront.net
4qnitimppku2hvkonpxjl71vk8ldi1675888568.nuid.imrworldwide.com
2    34.192.158.26 (None, )

ASN- ()
fm.flashtalking.com
2    142.251.12.100 (None, )

ASN- ()
play.google.com
Apex Domain
Subdomains		 Transfer
34 flashtalking.com
servedby.flashtalking.com — Cisco Umbrella Rank: 791
cdn.flashtalking.com — Cisco Umbrella Rank: 1006
fm.flashtalking.com
img.flashtalking.com
635 KB
27 businessdesk.co.nz
email.mail.businessdesk.co.nz
www.businessdesk.co.nz
businessdesk.co.nz
950 KB
20 googlesyndication.com
4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 140
94 KB
17 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187
9751041.fls.doubleclick.net
10888750.fls.doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
googleads.g.doubleclick.net — Cisco Umbrella Rank: 29
cm.g.doubleclick.net — Cisco Umbrella Rank: 207
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 334
163 KB
15 google.com
news.google.com — Cisco Umbrella Rank: 5833
accounts.google.com — Cisco Umbrella Rank: 70
adservice.google.com — Cisco Umbrella Rank: 67
analytics.google.com — Cisco Umbrella Rank: 320
www.google.com — Cisco Umbrella Rank: 2
play.google.com
191 KB
11 imrworldwide.com
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2802
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1583
secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 2835
4qnitimppku2hvkonpxjl71vk8ldi1675888568.nuid.imrworldwide.com
80 KB
9 ml314.com
ml314.com — Cisco Umbrella Rank: 1698
in.ml314.com — Cisco Umbrella Rank: 9254
12 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 23
20 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
firebase.googleapis.com — Cisco Umbrella Rank: 6100
firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 590
3 KB
5 krxd.net
cdn.krxd.net — Cisco Umbrella Rank: 1953
beacon.krxd.net — Cisco Umbrella Rank: 601
consumer.krxd.net — Cisco Umbrella Rank: 2778
88 KB
5 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 540
4 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 41
297 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
308 B
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 205
4 KB
4 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 349
www.linkedin.com — Cisco Umbrella Rank: 560
5 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
64 KB
3 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 988
2 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
244 KB
3 google.co.nz
adservice.google.co.nz — Cisco Umbrella Rank: 128842
www.google.co.nz — Cisco Umbrella Rank: 37077
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 763
865 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 297
946 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 201
2 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 186
75 KB
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 614
396 B
1 t.co
t.co — Cisco Umbrella Rank: 514
379 B
1 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 811
367 B
1 nzmedata.co.nz
karma-tracker.nzmedata.co.nz
18 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 600
15 KB
1 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 694
5 KB
1 withgoogle.com
csp.withgoogle.com — Cisco Umbrella Rank: 466
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 925
6 KB
1 googleoptimize.com
www.googleoptimize.com — Cisco Umbrella Rank: 901
44 KB
1 nzme-ads.co.nz
nzme-ads.co.nz — Cisco Umbrella Rank: 487132
8 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 196
6 KB
176 34
Domain Requested by
25 businessdesk.co.nz 1 redirects businessdesk.co.nz
static.cloudflareinsights.com
20 cdn.flashtalking.com servedby.flashtalking.com
cdn.flashtalking.com
13 pagead2.googlesyndication.com 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
10 img.flashtalking.com
8 ml314.com 3 redirects businessdesk.co.nz
ml314.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 tpc.googlesyndication.com 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
5 cdn-gl.imrworldwide.com www.googletagmanager.com
cdn-gl.imrworldwide.com
5 www.googletagmanager.com businessdesk.co.nz
www.gstatic.com
www.googleoptimize.com
www.googletagmanager.com
4 www.facebook.com businessdesk.co.nz
4 ib.adnxs.com 3 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 accounts.google.com businessdesk.co.nz
accounts.google.com
3 ps.eyeota.net 2 redirects businessdesk.co.nz
3 px.ads.linkedin.com 2 redirects businessdesk.co.nz
3 secure-gl.imrworldwide.com 1 redirects cdn-gl.imrworldwide.com
businessdesk.co.nz
3 connect.facebook.net businessdesk.co.nz
connect.facebook.net
3 adservice.google.com securepubads.g.doubleclick.net
9751041.fls.doubleclick.net
10888750.fls.doubleclick.net
3 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
3 www.gstatic.com businessdesk.co.nz
3 news.google.com businessdesk.co.nz
news.google.com
2 play.google.com
2 fm.flashtalking.com cdn.flashtalking.com
2 secure-dcr.imrworldwide.com businessdesk.co.nz
2 beacon.krxd.net 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
cdn.krxd.net
2 servedby.flashtalking.com 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
2 cdn.krxd.net googleads.g.doubleclick.net
cdn.krxd.net
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 www.google.com businessdesk.co.nz
tpc.googlesyndication.com
2 sync.crwdcntrl.net 2 redirects
2 match.adsrvr.org 2 redirects
2 dpm.demdex.net 1 redirects businessdesk.co.nz
2 googleads.g.doubleclick.net 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
2 www.google.co.nz businessdesk.co.nz
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 10888750.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 9751041.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 firebaseinstallations.googleapis.com www.gstatic.com
2 firebase.googleapis.com www.gstatic.com
2 www.googletagservices.com businessdesk.co.nz
4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
2 fonts.googleapis.com businessdesk.co.nz
1 consumer.krxd.net cdn.krxd.net
1 4qnitimppku2hvkonpxjl71vk8ldi1675888568.nuid.imrworldwide.com businessdesk.co.nz
1 analytics.twitter.com businessdesk.co.nz
1 t.co businessdesk.co.nz
1 www.linkedin.com 1 redirects
1 cdn.linkedin.oribi.io snap.licdn.com
1 in.ml314.com ml314.com
1 analytics.google.com www.googletagmanager.com
1 karma-tracker.nzmedata.co.nz businessdesk.co.nz
1 static.ads-twitter.com businessdesk.co.nz
1 snap.licdn.com www.googletagmanager.com
1 adservice.google.co.nz securepubads.g.doubleclick.net
1 fonts.gstatic.com businessdesk.co.nz
1 csp.withgoogle.com businessdesk.co.nz
1 static.cloudflareinsights.com businessdesk.co.nz
1 www.googleoptimize.com businessdesk.co.nz
1 nzme-ads.co.nz businessdesk.co.nz
1 cdnjs.cloudflare.com businessdesk.co.nz
1 www.businessdesk.co.nz 1 redirects
1 email.mail.businessdesk.co.nz 1 redirects
176 63

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
linkedin.com
Subject Issuer Validity Valid
businessdesk.co.nz
Cloudflare Inc ECC CA-3		 2022-06-16 -
2023-06-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.news.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.appspot.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.co.nz
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-11-18 -
2023-02-16		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
ml314.com
GTS CA 1D4		 2022-12-14 -
2023-03-14		 3 months crt.sh
karma-tracker.nzmedata.co.nz
GTS CA 1D4		 2023-01-20 -
2023-04-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
*.ml314.com
Amazon RSA 2048 M01		 2023-02-07 -
2023-12-12		 10 months crt.sh
linkedin.oribi.io
Amazon		 2022-07-07 -
2023-08-06		 a year crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-12		 a year crt.sh
*.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-12 -
2024-01-12		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-01-09 -
2023-04-03		 3 months crt.sh
cdn.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-26 -
2023-10-25		 a year crt.sh
servedby.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-11 -
2023-11-12		 a year crt.sh
cdn.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-20 -
2023-05-20		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-20 -
2023-10-19		 a year crt.sh
*.nuid.imrworldwide.com
Amazon		 2022-05-12 -
2023-06-10		 a year crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-08 -
2023-06-07		 a year crt.sh
*.flashtalking.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-02-27		 a year crt.sh

This page contains 14 frames:

Primary Page: https://businessdesk.co.nz/login
Frame ID: 5EE68F03F18B59948370997DE01FEAF5
Requests: 93 HTTP requests in this frame

Frame: https://accounts.google.com/gsi/button?type=standard&shape=rectangular&theme=filled_black&text=signin_with&size=large&logo_alignment=left&width=324&client_id=263002134568-g737gmd50lftc3h9p9hovqp1tjvcvqc1.apps.googleusercontent.com&iframe_id=gsi_563551_772073&as=JLGXZW1dxPx9z1cbJdVJOQ
Frame ID: 11B9A39C28AACC3655DE04FCE57647E3
Requests: 4 HTTP requests in this frame

Frame: https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FA6A93D6F1FB66501535C82AFD57DB46
Requests: 1 HTTP requests in this frame

Frame: https://9751041.fls.doubleclick.net/activityi;dc_pre=CLu5-rTjhv0CFctfKwodgh4IVw;src=9751041;type=allsi0;cat=allsi0;ord=7592257066327;gtm=45He3260;auiddc=1631299251.1675888565;u1=%2Flogin;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin
Frame ID: 6DA65A30D2443D165BE539B7B2E838E2
Requests: 2 HTTP requests in this frame

Frame: https://10888750.fls.doubleclick.net/activityi;dc_pre=CLbi-rTjhv0CFbGUSwUdhCUGBQ;src=10888750;type=rem0;cat=busin0;ord=6094127321208;gtm=45He3260;auiddc=1631299251.1675888565;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin
Frame ID: A0AD7B5BFF8BA0F081A65EE786C1F0C0
Requests: 2 HTTP requests in this frame

Frame: https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5434DE40AF7316955459509BE5B735FB
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIiIUBCbiq0BGKmmuckBMAE&v=APEucNUXVE-WJnns4_7XhPYcC91wMOH09IFcbDjpY8ih8Fem0b-qz4FQNR5-2CkvK04t6K_10NyhaJzCmUVsxfPCXqbL-FUjJw
Frame ID: 28B44470D78924F9499E799FFC72C524
Requests: 5 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: C055A7A34D383B1C714F48F3A9BE706F
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 56B8902F4AA872E4CC06A8B479645E26
Requests: 3 HTTP requests in this frame

Frame: https://cdn.flashtalking.com/160230/3854629/index.html
Frame ID: F2AEFE41828F106F77F3007D2599B837
Requests: 32 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 4C39ABE6B6F44D06617E1B68B298683C
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 2B4CDB15F65381E792B19F7CBD2F5DE2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E0D233F5A78C16CC6C8B03D901F7E37D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C9E3BE858239D8D273FAB86C83EC5F9F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

BusinessDesk | NZ breaking news and commentary on business, NZX and politics

Page URL History Show full URLs

  1. http://email.mail.businessdesk.co.nz/c/eJxtjrtuxSAQBb_GNEiI5WHsgiJNyvwDZnGM7AtXLBFJvj6O0kY63UgzJ3mYnYJVWW0YelCzSS... HTTP 302
    https://www.businessdesk.co.nz/settings HTTP 301
    https://businessdesk.co.nz/settings HTTP 302
    https://businessdesk.co.nz/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googleoptimize\.com/optimize\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

176
Requests

94 %
HTTPS

0 %
IPv6

34
Domains

63
Subdomains

55
IPs

4
Countries

3024 kB
Transfer

8252 kB
Size

41
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://email.mail.businessdesk.co.nz/c/eJxtjrtuxSAQBb_GNEiI5WHsgiJNyvwDZnGM7AtXLBFJvj6O0kY63UgzJ3mYnYJVWW0YelCzSSvLXkmlQKlFgrUaRNg3CREs4gZ7CDgZ-Qj5EtsH5ZKIMNEpYhXlmx3eWLnN6CzqoGa7xxWTM4te7SKddZDY5Y_enzTpl0m93htj_GO6AaXec3kn1jzlRy1JHAGv9HXnzzxy-73wV-3-LfX9yp-8Vx5biCfWUXgt_BmIRm3I6Qjtlv0AJmZOaQ HTTP 302
    https://www.businessdesk.co.nz/settings HTTP 301
    https://businessdesk.co.nz/settings HTTP 302
    https://businessdesk.co.nz/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 55
  • https://9751041.fls.doubleclick.net/activityi;src=9751041;type=allsi0;cat=allsi0;ord=7592257066327;gtm=45He3260;auiddc=1631299251.1675888565;u1=%2Flogin;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin HTTP 302
  • https://9751041.fls.doubleclick.net/activityi;dc_pre=CLu5-rTjhv0CFctfKwodgh4IVw;src=9751041;type=allsi0;cat=allsi0;ord=7592257066327;gtm=45He3260;auiddc=1631299251.1675888565;u1=%2Flogin;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin
Request Chain 57
  • https://10888750.fls.doubleclick.net/activityi;src=10888750;type=rem0;cat=busin0;ord=6094127321208;gtm=45He3260;auiddc=1631299251.1675888565;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin HTTP 302
  • https://10888750.fls.doubleclick.net/activityi;dc_pre=CLbi-rTjhv0CFbGUSwUdhCUGBQ;src=10888750;type=rem0;cat=busin0;ord=6094127321208;gtm=45He3260;auiddc=1631299251.1675888565;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin
Request Chain 81
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=508220483&time=1675888565964&url=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=508220483&time=1675888565964&url=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D508220483%26time%3D1675888565964%26url%3Dhttps%253A%252F%252Fbusinessdesk.co.nz%252Flogin%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=508220483&time=1675888565964&url=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&cookiesTest=true&liSync=true
Request Chain 87
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM5EmBrLOAH7Jgd36Mx18o&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM5EmBrLOAH7Jgd36Mx18o&google_cver=1&C=1
Request Chain 88
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.QHt9uUteVQd.VblOiRUgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM5EmBrLOAH7Jgd36Mx18o&google_cver=1&google_hm=2
Request Chain 89
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPxi9nFJUJ1km8LSChWsMog&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPxi9nFJUJ1km8LSChWsMog%26google_cver%3D1
Request Chain 90
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcyODgwNzk3MDIxMjg5MDY%3D
Request Chain 91
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3633467751924760576&redir= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3633467751924760576&redir=
Request Chain 92
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1 HTTP 302
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=593f0e26-b6bb-4806-affa-7a9fce1b6a8e&gdpr=0&gdpr_consent= HTTP 302
  • https://ml314.com/csync.ashx?fp=593f0e26-b6bb-4806-affa-7a9fce1b6a8e&person_id=3633467751924760576&eid=53819
Request Chain 93
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3633467751924760576 HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3633467751924760576 HTTP 302
  • https://ml314.com/csync.ashx?fp=6f47e58a10c7659f84c66137d0b74e08&eid=50146&person_id=3633467751924760576
Request Chain 94
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif HTTP 302
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif HTTP 302
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2N8qhl6ljfOOBo231tywGpNAKeTOeN8CpR-R9Y2fbC6c&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_pid%3Dr8hrb20 HTTP 302
  • https://ml314.com/csync.ashx?fp=2N8qhl6ljfOOBo231tywGpNAKeTOeN8CpR-R9Y2fbC6c&person_id=3633467751924760576&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referrer_pid%3dr8hrb20 HTTP 302
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Request Chain 108
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1675888567059&ci=nz-apn&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&sr=1600x1200&id=lstrg-ec360a3849b3026b3cdbb41ddd3aeace HTTP 302
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1675888567059&ci=nz-apn&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&sr=1600x1200&id=lstrg-ec360a3849b3026b3cdbb41ddd3aeace&ja=1

176 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request login
businessdesk.co.nz/
Redirect Chain
  • http://email.mail.businessdesk.co.nz/c/eJxtjrtuxSAQBb_GNEiI5WHsgiJNyvwDZnGM7AtXLBFJvj6O0kY63UgzJ3mYnYJVWW0YelCzSSvLXkmlQKlFgrUaRNg3CREs4gZ7CDgZ-Qj5EtsH5ZKIMNEpYhXlmx3eWLnN6CzqoGa7xxWTM4te7SKddZDY5Y...
  • https://www.businessdesk.co.nz/settings
  • https://businessdesk.co.nz/settings
  • https://businessdesk.co.nz/login
109 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f269a5cb198eecd66c85007100ce70bb17a7960ca65e496c941294e262aacc5
Security Headers
Name Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src * 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-headers
Content-Type,Authorization,X-Requested-With,X-CSRF-Token
access-control-allow-methods
GET,POST,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
796727aa3f191c54-AKL
content-encoding
gzip
content-security-policy
default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src * 'unsafe-inline' data:
content-type
text/html; charset=UTF-8
date
Wed, 08 Feb 2023 20:36:00 GMT
expect-ct
enforce, max-age=30
permissions-policy
autoplay=(self), camera=(), encrypted-media=(self), fullscreen=(), geolocation=(self), gyroscope=(self), magnetometer=(), microphone=(), midi=(), payment=(), sync-xhr=(self), usb=()
referrer-policy
no-referrer-when-downgrade
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
796727a86b621c54-AKL
content-type
text/html; charset=UTF-8
date
Wed, 08 Feb 2023 20:35:59 GMT
location
https://businessdesk.co.nz/login
server
cloudflare
css2
fonts.googleapis.com/ 		9 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Noto+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
fac5da0573738445914239b601391b9f2ac194e543b7a0400a8bbee267b97f3a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Feb 2023 20:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 20:03:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Feb 2023 20:36:00 GMT
css2
fonts.googleapis.com/ 		11 KB
851 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;500;700;900&display=swap
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f95.1e100.net
Software
ESF /
Resource Hash
aa43888d20f6d8bbe6d11ae8db26eca226c8e3578ad960f97b92f3bb86ad59d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 08 Feb 2023 20:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 20:12:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 08 Feb 2023 20:36:00 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8479924
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=unzCljuSWeHfdh2EC4sycJMZ6DBIq3MLAqXG0Dn7wKh5%2FjnUiJYQD9lneOClg1C7CrSTvfySaoQsL5ZO%2FRD8YYMP6l7hGIOu0zNdz63vKNzgwnoR%2BwdMcUaN1LsPXPprHXPOSTrE"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
796727ae8964fb98-AKL
expires
Mon, 29 Jan 2024 20:36:00 GMT
logo.png
businessdesk.co.nz/img/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://businessdesk.co.nz/img/logo.png
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22ad2a17d1b4801b7325be78a650d3731d6d72e699ad8cc826399b9bcb771c64

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
public
date
Wed, 08 Feb 2023 20:36:01 GMT
cf-cache-status
HIT
last-modified
Sun, 01 Mar 2020 21:57:08 GMT
server
cloudflare
age
7286677
etag
"5e5c2fb4-6f87"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000, public
accept-ranges
bytes
cf-ray
796727b239be1c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28551
expires
Thu, 31 Dec 2037 23:55:55 GMT
app.css
businessdesk.co.nz/css/ 		256 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://businessdesk.co.nz/css/app.css?id=2a9bff7dea4a4a6200cb
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d2dcc5528169b3cff0ccd987c6ba90a188bcf74703d565633081eb01d9f5f0c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
public
date
Wed, 08 Feb 2023 20:36:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 03 Feb 2023 10:43:13 GMT
server
cloudflare
age
467565
etag
W/"63dce541-4016f"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=315360000, public
cf-ray
796727ad0e401c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
businessdesk.co.nz/js/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://businessdesk.co.nz/js/jquery.min.js?id=cf2fbbf84281d9ecbffb
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
public
date
Wed, 08 Feb 2023 20:36:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 01 Feb 2023 07:18:19 GMT
server
cloudflare
age
652658
etag
W/"63da123b-15f5b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
cf-ray
796727ad0e441c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
gpt.js
www.googletagservices.com/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
cf94ecfa5eb3a18f1659ee69e486cec4d981abafa0e4bcce88a87e18a2a03f48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27245
x-xss-protection
0
server
sffe
etag
"1477 / 209 of 1000 / last-modified: 1675858061"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 08 Feb 2023 20:36:01 GMT
nzmedfp.js
nzme-ads.co.nz/js/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nzme-ads.co.nz/js/nzmedfp.js
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.71.218 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
694db80cb21305c3763457d74832d7a28981b926a7b1a344a3c89169b78018a1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:01 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
0G7GP8JG4G6JTRWT
age
3543
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
OHfRbBOaQx/7Inu6epM09LYGhXoQJszDrfVnVlAN1odRHUcHzmZ9oFCNpFXco5MeclliCWBE+VY=
last-modified
Sun, 11 Dec 2022 20:44:36 GMT
server
cloudflare
etag
W/"e0f49d7d1c291592afc8d15f55a65027"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssDcKT3EPTEI%2FUWadNb2J0iDnnmRkkKSq0N%2FvQdYb7SZiOxwMIq2nyYcaPjCVYzO%2FQa3EwTrzZtsNejPT8LoIiEnq7I0TP9dL%2BKRmY0NEMCT%2BM08ioRVxOcmn5LYmNVK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=1800
cf-ray
796727b6eafb1c54-AKL
handle.js
businessdesk.co.nz/swg/ 		2 KB
817 B 		Script
General
Check archive.org
Download Go to
Full URL
https://businessdesk.co.nz/swg/handle.js
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c75abd73c698ac4ef928c26af43b880cb8ec01769516383f95055e96e6502d5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
public
date
Wed, 08 Feb 2023 20:36:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 20 Aug 2020 11:30:17 GMT
server
cloudflare
age
7286677
etag
W/"5f3e5ec9-604"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
cf-ray
796727b4ae851c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
swg.js
news.google.com/swg/js/v1/ 		160 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f113.1e100.net
Software
sffe /
Resource Hash
e000a93911cb1074f46b39ffaa048beb2bf5e55b45f65a3a398eb6648b7fbba5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 19:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2648
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
49880
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 18:42:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 20:41:53 GMT
swg-gaa.js
news.google.com/swg/js/v1/ 		62 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-gaa.js
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f113.1e100.net
Software
sffe /
Resource Hash
30c8ed14fdab8dcf3701a56c71402d7d6b1bfc18fd3c1974d86f0629ecae0ae9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:03:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1945
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18225
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 18:42:17 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 20:53:36 GMT
client
accounts.google.com/gsi/ 		192 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f84.1e100.net
Software
ESF /
Resource Hash
5847ab863b72dbbdfee3418c860fd3200a0dc041be8bbe91c811cfa03f9d8764
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-noF0ScLzLegThFgRZilCFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:00 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-noF0ScLzLegThFgRZilCFg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 08 Feb 2023 20:36:00 GMT
optimize.js
www.googleoptimize.com/ 		111 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleoptimize.com/optimize.js?id=OPT-M7TKLF7
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.100 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f100.1e100.net
Software
Google Tag Manager /
Resource Hash
1f0595d8b1e321973c827e69d735de28cdf4d7c2a18d1f3026ed22ec99da1e48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44369
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 18:39:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Feb 2023 20:36:01 GMT
app.js
businessdesk.co.nz/js/ 		2 MB
514 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://businessdesk.co.nz/js/app.js?id=a9163a88a044bafb2a4d
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
abca59c1f5a3723619784bd231b3d8cb67b5bafbb45a6a3067c5ce15f9c282c9

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
public
date
Wed, 08 Feb 2023 20:36:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 01 Feb 2023 07:18:19 GMT
server
cloudflare
age
652658
etag
W/"63da123b-2477cc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
cf-ray
796727b4ae891c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
custom.js
businessdesk.co.nz/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://businessdesk.co.nz/js/custom.js?id=003ab38746f4d047ae0f
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c50786db04ddb5617a22ce2d10e82b0a0bac3083b031d4c9d772ffafc294887

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
public
date
Wed, 08 Feb 2023 20:36:00 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Sun, 20 Nov 2022 13:43:36 GMT
server
cloudflare
age
6936543
etag
W/"637a2f08-ad5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000, public
cf-ray
796727ad1e7b1c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
menu.svg
businessdesk.co.nz/images/ 		408 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://businessdesk.co.nz/images/menu.svg
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
098bb4cccf4672fe96b2d63ed98844ee78e55f79c3b50197f5ac4f2041519e3f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:01 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 09:37:17 GMT
server
cloudflare
age
5473
etag
W/"6368d1cd-198"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
796727b4ae8d1c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
back-white.svg
businessdesk.co.nz/images/icons/ 		373 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://businessdesk.co.nz/images/icons/back-white.svg
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ece07b1e647f61dff4e40bce6cde91d8f9bef75fa67dc27fc9cf60a2403be6d3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 09:37:17 GMT
server
cloudflare
age
4394
etag
W/"6368d1cd-175"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
796727bafd2b1c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
logo_original.svg
businessdesk.co.nz/images/ 		13 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://businessdesk.co.nz/images/logo_original.svg
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b75cedbb0213e274bb6ef44e70d0d15edfdfbdbd35f7b6cb1ea65a1c63600312

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 09:37:17 GMT
server
cloudflare
age
5800
etag
W/"6368d1cd-3427"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
796727bafd2d1c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
account-white.svg
businessdesk.co.nz/images/icons/ 		811 B
564 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://businessdesk.co.nz/images/icons/account-white.svg
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9943733948dea5c7a87af84773c98c177e8652cf8ce83c482113b823f77b26dc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 09:37:17 GMT
server
cloudflare
age
4451
etag
W/"6368d1cd-32b"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
796727bb2d7e1c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
search-sm.svg
businessdesk.co.nz/images/icons/ 		446 B
423 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://businessdesk.co.nz/images/icons/search-sm.svg
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e786cf80cef734d04bc4967ee04ef3846ed13d090b9ac1cbba8d8cdec86a5aae

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 09:37:17 GMT
server
cloudflare
age
1134
etag
W/"6368d1cd-1be"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
796727bb5de51c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
new-close-button.svg
businessdesk.co.nz/images/icons/ 		315 B
374 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://businessdesk.co.nz/images/icons/new-close-button.svg
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b294e17282ff14dc43fdee7f28ba7139b3613e3be285e0d67898d64443f4d595

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 09:37:17 GMT
server
cloudflare
age
1126
etag
W/"6368d1cd-13b"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
796727be4c6d1c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
facebook-solid.svg
businessdesk.co.nz/images/icons/ 		680 B
591 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://businessdesk.co.nz/images/icons/facebook-solid.svg
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70a8e6edcbb1e7e9e720f26dd6a810e9e979e804595c5c111bcd65fc49e442e4

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 09:37:17 GMT
server
cloudflare
age
5802
etag
W/"6368d1cd-2a8"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
796727be4c701c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
twitter-solid.svg
businessdesk.co.nz/images/icons/ 		1 KB
976 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://businessdesk.co.nz/images/icons/twitter-solid.svg
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c93195813675fa31c0528faf61a9c4d1faa4546a8bbb650e442b89e960df657

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:03 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 09:37:17 GMT
server
cloudflare
age
1135
etag
W/"6368d1cd-5ef"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
796727bf1e661c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
linkedin-solid.svg
businessdesk.co.nz/images/icons/ 		927 B
660 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://businessdesk.co.nz/images/icons/linkedin-solid.svg
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6a9da373b04727fc904693c0e325137af8b368dee6e849ab1f8cb56525406a1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:03 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 09:37:17 GMT
server
cloudflare
age
5803
etag
W/"6368d1cd-39f"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
796727bf2e7b1c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
email-decode.min.js
businessdesk.co.nz/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
835 B 		Script
General
Check archive.org
Download Go to
Full URL
https://businessdesk.co.nz/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 06 Feb 2023 18:52:43 GMT
server
cloudflare
etag
W/"63e14c7b-4d7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/javascript
cache-control
max-age=172800, public
cf-ray
796727b17fef1c5d-AKL
expires
Fri, 10 Feb 2023 20:36:00 GMT
vaafb692b2aea4879b33c060e79fe94621666317369993
static.cloudflareinsights.com/beacon.min.js/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.56.101 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3

Request headers

Referer
https://businessdesk.co.nz/login
Origin
https://businessdesk.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:03 GMT
content-encoding
gzip
last-modified
Fri, 21 Oct 2022 01:56:09 GMT
server
cloudflare
etag
W/2022.10.1
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
796727c18976eea6-AKL
gtm.js
www.googletagmanager.com/ 		263 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WGJCJ63
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
a7d2643a1af02dfd8b5e08cd66cf9510eaa87df713bd78f3b074b2dcf3e08540
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
90092
x-xss-protection
0
last-modified
Wed, 08 Feb 2023 18:39:10 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 08 Feb 2023 20:36:03 GMT
firebase-app.js
www.gstatic.com/firebasejs/9.13.0/ 		90 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.13.0/firebase-app.js
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
2b346fa076a692a91f0a9629a82899a296d2a4192d46bf699dce4dfd7d784df9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://businessdesk.co.nz/login
Origin
https://businessdesk.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sat, 04 Feb 2023 11:18:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
379025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20513
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 18:26:05 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 04 Feb 2024 11:18:56 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/9.13.0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.13.0/firebase-messaging.js
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
27253ecc4fdc71b533adcc99990d12cb54c8556265a7d7141a699537bebb5926
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://businessdesk.co.nz/login
Origin
https://businessdesk.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 01:19:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155799
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7892
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 18:26:10 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Feb 2024 01:19:22 GMT
firebase-analytics.js
www.gstatic.com/firebasejs/9.13.0/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/9.13.0/firebase-analytics.js
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
329599ea5c2bfaaa543d4041a0518235697858f8e03416404eacbe96a01fd893
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://businessdesk.co.nz/login
Origin
https://businessdesk.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 18:51:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
438292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8380
x-xss-protection
0
last-modified
Thu, 27 Oct 2022 18:26:04 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="firebase-js"
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 03 Feb 2024 18:51:09 GMT
pubads_impl_2023020601.js
securepubads.g.doubleclick.net/gpt/ 		386 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
sffe /
Resource Hash
e9391ee65f6343d19726ddc38563462d51b4694f1b5c961fce6035cfd861e77c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Mon, 06 Feb 2023 11:47:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
204502
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133115
x-xss-protection
0
last-modified
Mon, 06 Feb 2023 09:36:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 06 Feb 2024 11:47:41 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		83 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=businessdesk.co.nz
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
12bdd1be8c5c8de84d75fb2502d71b999bbdc7baa7df3cd9452a835bb869ac49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:02 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59
x-xss-protection
0
expires
Wed, 08 Feb 2023 20:36:02 GMT
search-white.svg
businessdesk.co.nz/images/icons/ 		416 B
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://businessdesk.co.nz/images/icons/search-white.svg
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b25050208b1492998f5c2ee37df2c58306b910355f10bf7e9a84c7391268e39b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Nov 2022 09:37:17 GMT
server
cloudflare
age
3720
etag
W/"6368d1cd-1a0"
vary
Accept-Encoding
content-type
image/svg+xml
cf-ray
796727bbff2b1c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
inter-regular.woff2
businessdesk.co.nz/fonts/ 		98 KB
98 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://businessdesk.co.nz/fonts/inter-regular.woff2?b6204e253064e05f23f58f46e9d32d8d
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/css/app.css?id=2a9bff7dea4a4a6200cb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
954bfdf81f6e7d131149c5959e64577b2545a2655db6b0cc4fa32e572cc9907f

Request headers

Referer
https://businessdesk.co.nz/css/app.css?id=2a9bff7dea4a4a6200cb
Origin
https://businessdesk.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:02 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Feb 2023 10:43:13 GMT
server
cloudflare
age
817
etag
"63dce541-18824"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
796727bbcecf1c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
100388
inter-bold.woff2
businessdesk.co.nz/fonts/ 		107 KB
107 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://businessdesk.co.nz/fonts/inter-bold.woff2?4c7e8c21fb1f01a74b10ccfc0c96ae96
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/css/app.css?id=2a9bff7dea4a4a6200cb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b91f4345dc4ea30e7767250988defaf93836b2727d78abff53732ddfbae03a

Request headers

Referer
https://businessdesk.co.nz/css/app.css?id=2a9bff7dea4a4a6200cb
Origin
https://businessdesk.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:02 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Feb 2023 10:43:13 GMT
server
cloudflare
age
817
etag
"63dce541-1ab80"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
796727bbced41c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
109440
feature-text-bold.woff2
businessdesk.co.nz/fonts/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://businessdesk.co.nz/fonts/feature-text-bold.woff2?e277350fdb85e961f2e90b9fa9dc369c
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/css/app.css?id=2a9bff7dea4a4a6200cb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9059aae0e11c2cdf3c59f4cc77d8a00561327f43f9308a2f44878a8013f63ede

Request headers

Referer
https://businessdesk.co.nz/css/app.css?id=2a9bff7dea4a4a6200cb
Origin
https://businessdesk.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:02 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Feb 2023 10:43:13 GMT
server
cloudflare
age
817
etag
"63dce541-b8a9"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
796727bbced51c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
47273
tiempos-text-regular.woff2
businessdesk.co.nz/fonts/ 		51 KB
51 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://businessdesk.co.nz/fonts/tiempos-text-regular.woff2?ba59e68f6f0159d93d8c71e1d1943e3c
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/css/app.css?id=2a9bff7dea4a4a6200cb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d1e1c18da99918e77b2a3c587491a47c79c93d65e0f6219a33d50c60e5616ad

Request headers

Referer
https://businessdesk.co.nz/css/app.css?id=2a9bff7dea4a4a6200cb
Origin
https://businessdesk.co.nz
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:02 GMT
cf-cache-status
HIT
last-modified
Fri, 03 Feb 2023 10:43:13 GMT
server
cloudflare
age
6459
etag
"63dce541-cd0b"
vary
Accept-Encoding
content-type
application/octet-stream
accept-ranges
bytes
cf-ray
796727bbced71c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52491
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:263002134568:web:c85dc86c1f7b0998c9fd1d/ 		343 B
413 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:263002134568:web:c85dc86c1f7b0998c9fd1d/webConfig
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.13.0/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
2d2dadc8bcf59a29f2ef81dff72426a8a02bd2feaba6f47b8c0a9a48b590b8c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://businessdesk.co.nz/login
x-goog-api-key
AIzaSyCKQSo9u-OC2uSDGUr5oIeVQOiQ5nzknu0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://businessdesk.co.nz
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
224
x-xss-protection
0
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f113.1e100.net
Software
sffe /
Resource Hash
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:03:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1970
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6458
x-xss-protection
0
last-modified
Wed, 02 Nov 2022 19:15:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 20:53:12 GMT
installations
firebaseinstallations.googleapis.com/v1/projects/nifty-zenith-276423/ 		625 B
679 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/nifty-zenith-276423/installations
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.13.0/firebase-messaging.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
ESF /
Resource Hash
d10ec7f1080c37383e3b794a74f9c4119daf10649a3b2d4d571bd939ba0ca654
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept
application/json
Referer
https://businessdesk.co.nz/login
x-goog-api-key
AIzaSyCKQSo9u-OC2uSDGUr5oIeVQOiQ5nzknu0
accept-language
en-NZ,en;q=0.9
x-firebase-client
eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjguMyBmaXJlLWNvcmUtZXNtMjAxNy8wLjguMyBmaXJlLWpzLyBmaXJlLWpzLWFsbC1jZG4vOS4xMy4wIGZpcmUtaWlkLzAuNS4xNiBmaXJlLWlpZC1lc20yMDE3LzAuNS4xNiBmaXJlLWZjbS8wLjEwLjAgZmlyZS1mY20tZXNtMjAxNy8wLjEwLjAgZmlyZS1hbmFseXRpY3MvMC44LjQgZmlyZS1hbmFseXRpY3MtZXNtMjAxNy8wLjguNCIsImRhdGVzIjpbIjIwMjMtMDItMDgiXX1dfQ
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
content-type
application/json

Response headers

date
Wed, 08 Feb 2023 20:36:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
vary
Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://businessdesk.co.nz
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
489
x-xss-protection
0
webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:263002134568:web:c85dc86c1f7b0998c9fd1d/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebase.googleapis.com/v1alpha/projects/-/apps/1:263002134568:web:c85dc86c1f7b0998c9fd1d/webConfig
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-api-key
Access-Control-Request-Method
GET
Origin
https://businessdesk.co.nz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers
x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://businessdesk.co.nz
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 08 Feb 2023 20:36:03 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
installations
firebaseinstallations.googleapis.com/v1/projects/nifty-zenith-276423/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://firebaseinstallations.googleapis.com/v1/projects/nifty-zenith-276423/installations
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f95.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method
POST
Origin
https://businessdesk.co.nz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://businessdesk.co.nz
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Wed, 08 Feb 2023 20:36:03 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		182 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-DELVWQ0TM7
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.13.0/firebase-analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
74e6788349f9cd27d6f050c1e181289f538034e59c34338951187f0d9c1e1103
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
67954
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 Feb 2023 20:36:03 GMT
js
www.googletagmanager.com/gtag/ 		182 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DELVWQ0TM7&l=dataLayer&cx=c
Requested by
Host: www.googleoptimize.com
URL: https://www.googleoptimize.com/optimize.js?id=OPT-M7TKLF7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
12b480577535f9d85580918bff93299cb85735daebe4137e5fb2a2a438ce80ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68014
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 Feb 2023 20:36:03 GMT
style
accounts.google.com/gsi/ 		533 B
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/style
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f84.1e100.net
Software
ESF /
Resource Hash
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-bNZ1g4H0iVmDzXXPRdEeJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:03 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-bNZ1g4H0iVmDzXXPRdEeJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
text/css; charset=utf-8
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 08 Feb 2023 20:36:03 GMT
button
accounts.google.com/gsi/ Frame 11B9 		105 KB
38 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/button?type=standard&shape=rectangular&theme=filled_black&text=signin_with&size=large&logo_alignment=left&width=324&client_id=263002134568-g737gmd50lftc3h9p9hovqp1tjvcvqc1.apps.googleusercontent.com&iframe_id=gsi_563551_772073&as=JLGXZW1dxPx9z1cbJdVJOQ
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f84.1e100.net
Software
ESF /
Resource Hash
cc9a291be43acac5a0c636a2bca8c32793c31e279a74e0b4842482c0fc7c7cb6
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-kumWPW-YhxsjyHtuAF8OUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://businessdesk.co.nz/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http script-src 'report-sample' 'nonce-kumWPW-YhxsjyHtuAF8OUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 20:36:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
check
businessdesk.co.nz/api/teams/ 		82 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://businessdesk.co.nz/api/teams/check
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/js/jquery.min.js?id=cf2fbbf84281d9ecbffb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
689ae3ac9612d88f14b7a939f4dcb98bbc3c9da40847ba2e3cfdc37f76686b89

Request headers

Accept
*/*
Referer
https://businessdesk.co.nz/login
X-Requested-With
XMLHttpRequest
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:03 GMT
cf-cache-status
DYNAMIC
server
cloudflare
x-ratelimit-remaining
49
content-type
application/json
cache-control
no-cache, private
x-ratelimit-limit
50
cf-ray
796727c2ae8b1c5d-AKL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
identity-sign-in-google-http
csp.withgoogle.com/csp/ Frame 11B9 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://csp.withgoogle.com/csp/identity-sign-in-google-http
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.141 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f141.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://accounts.google.com/
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/csp-report

Response headers
4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
fonts.gstatic.com/s/googlesans/v14/ Frame 11B9 		51 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
sffe /
Resource Hash
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
Origin
https://accounts.google.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Sun, 05 Feb 2023 04:48:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
316025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27431
x-xss-protection
0
last-modified
Mon, 22 Apr 2019 23:43:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Feb 2024 04:48:59 GMT
integrator.js
adservice.google.co.nz/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.nz/adsid/integrator.js?domain=businessdesk.co.nz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=businessdesk.co.nz
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2518960240762682&correlator=684236497314259&eid=31072030%2C31072215%2C31072228&output=ldjh&gdfp_req=1&vrg=2023020601&ptt=17&impl=fifs&iu_parts=83069739%2Cbusinessdesk%2Clogin&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C728x90&ifi=1&adks=830274696&sfv=1-0-40&prev_scp=pos%3D1%26adtype%3Dleaderboard%26container_id%3Dleaderboard1&cust_params=pt%3Dpage%26subscriber%3Dfalse%26user_type%3Dindividual%26host%3Dbusinessdesk.co.nz%26bw%3D1600&sc=1&cookie_enabled=1&abxe=1&dt=1675888564453&lmt=1675888564&dlt=1675888560087&idt=4335&adxs=315&adys=173&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&frm=20&vis=1&psz=1368x48&msz=970x0&fws=4&ohw=1600&ga_vid=735292755.1675888564&ga_sid=1675888564&ga_hid=1925303621&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f154.1e100.net
Software
cafe /
Resource Hash
7f569de4d60a827457280863662986e8d39cdb037f6659d15091e17f51bf6bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6668
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://businessdesk.co.nz
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FA6A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://businessdesk.co.nz/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 20:36:05 GMT
expires
Thu, 08 Feb 2024 20:36:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
164 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-DELVWQ0TM7&gtm=45je3260&_p=1925303621&_fid=epFl-g5uLGJ0ou1LayaRxz&cid=735292755.1675888564&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675888564&sct=1&seg=0&dl=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&dt=BusinessDesk%20%7C%20NZ%20breaking%20news%20and%20commentary%20on%20business%2C%20NZX%20and%20politics&en=page_view&_fv=1&_ss=1&_ee=1&ep.origin=firebase
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-DELVWQ0TM7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:06 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://businessdesk.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGJCJ63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 08 Feb 2023 20:15:36 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1229
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 08 Feb 2023 22:15:36 GMT
activityi;dc_pre=CLu5-rTjhv0CFctfKwodgh4IVw;src=9751041;type=allsi0;cat=allsi0;ord=7592257066327;gtm=45He3260;auiddc=1631299251.1675888565;u1=%2Flogin;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin
9751041.fls.doubleclick.net/ Frame 6DA6
Redirect Chain
  • https://9751041.fls.doubleclick.net/activityi;src=9751041;type=allsi0;cat=allsi0;ord=7592257066327;gtm=45He3260;auiddc=1631299251.1675888565;u1=%2Flogin;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin?
  • https://9751041.fls.doubleclick.net/activityi;dc_pre=CLu5-rTjhv0CFctfKwodgh4IVw;src=9751041;type=allsi0;cat=allsi0;ord=7592257066327;gtm=45He3260;auiddc=1631299251.1675888565;u1=%2Flogin;~oref=http...
413 B
571 B 		Document
General
Check archive.org
Download Go to
Full URL
https://9751041.fls.doubleclick.net/activityi;dc_pre=CLu5-rTjhv0CFctfKwodgh4IVw;src=9751041;type=allsi0;cat=allsi0;ord=7592257066327;gtm=45He3260;auiddc=1631299251.1675888565;u1=%2Flogin;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGJCJ63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
cafe /
Resource Hash
48b6040437795eb6da4ad13a9db13c903b8f2f38cdf49abfe76bf1818e31117b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://businessdesk.co.nz/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
232
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 20:36:05 GMT
expires
Wed, 08 Feb 2023 20:36:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 20:36:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://9751041.fls.doubleclick.net/activityi;dc_pre=CLu5-rTjhv0CFctfKwodgh4IVw;src=9751041;type=allsi0;cat=allsi0;ord=7592257066327;gtm=45He3260;auiddc=1631299251.1675888565;u1=%2Flogin;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
insight.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGJCJ63
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.45.116.82 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-45-116-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 10 Jan 2023 17:22:56 GMT
x-cdn
AKAM
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=78888
accept-ranges
bytes
content-length
4777
activityi;dc_pre=CLbi-rTjhv0CFbGUSwUdhCUGBQ;src=10888750;type=rem0;cat=busin0;ord=6094127321208;gtm=45He3260;auiddc=1631299251.1675888565;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin
10888750.fls.doubleclick.net/ Frame A0AD
Redirect Chain
  • https://10888750.fls.doubleclick.net/activityi;src=10888750;type=rem0;cat=busin0;ord=6094127321208;gtm=45He3260;auiddc=1631299251.1675888565;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin?
  • https://10888750.fls.doubleclick.net/activityi;dc_pre=CLbi-rTjhv0CFbGUSwUdhCUGBQ;src=10888750;type=rem0;cat=busin0;ord=6094127321208;gtm=45He3260;auiddc=1631299251.1675888565;~oref=https%3A%2F%2Fbu...
400 B
569 B 		Document
General
Check archive.org
Download Go to
Full URL
https://10888750.fls.doubleclick.net/activityi;dc_pre=CLbi-rTjhv0CFbGUSwUdhCUGBQ;src=10888750;type=rem0;cat=busin0;ord=6094127321208;gtm=45He3260;auiddc=1631299251.1675888565;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGJCJ63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f148.1e100.net
Software
cafe /
Resource Hash
b847942f2aa4880e870f04f88d6b99a99962a8f26b3e58b308c69df3bc018595
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://businessdesk.co.nz/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
231
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 20:36:05 GMT
expires
Wed, 08 Feb 2023 20:36:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 20:36:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://10888750.fls.doubleclick.net/activityi;dc_pre=CLbi-rTjhv0CFbGUSwUdhCUGBQ;src=10888750;type=rem0;cat=busin0;ord=6094127321208;gtm=45He3260;auiddc=1631299251.1675888565;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
nlsqueue.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		450 B
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsqueue.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGJCJ63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-18.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f9cceab3a20f0d6525e99a8bd13eec9a0706b78a276107891721c7e3ba09d8a6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
DJiRpcbmI.BblJQ9jIAEIXVjaotFwHm.
date
Wed, 08 Feb 2023 20:21:53 GMT
via
1.1 f06aaad108598501fc8aab5df5423ad8.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN52-C3
age
1130
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
450
last-modified
Wed, 28 Sep 2022 14:09:01 GMT
server
AmazonS3
etag
"7e189c61a1ad159088b817cee2cfe516"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
wp15-QKj088X6Eu1t-bhTcX_09D6Zbp5wtVb_3yMVwv8xvfUSeW1cw==
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.13.19 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-sin6.fbcdn.net
Software
/
Resource Hash
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 08 Feb 2023 20:36:06 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27843
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
VAzH+/qBonaDu+wazHm7K/rOivmprCRNqJKz92U3lld53ORQK3e7qbkTog09YM0cNCLC4PPdMuTvxI0PivYLxg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
548340344
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
expires
Sat, 01 Jan 2000 00:00:00 GMT
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.44.157 , Singapore, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:05 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100147-IAD, cache-qpg1274-QPG
v60.js
cdn-gl.imrworldwide.com/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/v60.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGJCJ63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-18.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
PmT0ztgo6pW7kPCi5f5AnKDRXRQLwscI
content-encoding
gzip
via
1.1 f06aaad108598501fc8aab5df5423ad8.cloudfront.net (CloudFront)
date
Wed, 08 Feb 2023 18:33:36 GMT
last-modified
Mon, 25 Jul 2022 13:33:52 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
age
7353
x-amz-server-side-encryption
AES256
etag
W/"3bad78b036ef952c6ace672b2251b459"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
eVDool7TqqLHxmmAUdo7y3kbI-CHZ6_h48HuC6EwU8N4YhhS00GEzQ==
tag.aspx
ml314.com/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/tag.aspx?812023
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 19:38:01 GMT
content-encoding
br
age
3484
x-guploader-uploadid
ADPycdtho7KQ1KbsUE76ij3FdMbUul1ZUqjw2fRYTV78oHZe960S9Yh1BZEwkRFyDPBimAlQI45hI9gxwaJC0uICnT48
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10477
last-modified
Tue, 09 Aug 2022 21:49:07 GMT
server
UploadServer
etag
W/"fe36d3317b1b052708eb2260e253aa63"
vary
Accept-Encoding
x-goog-generation
1660081747697868
x-goog-hash
crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
content-type
application/javascript
cache-id
SYD-85eb07e
cache-control
public,max-age=3600
x-cache-hit
hit
x-goog-stored-content-length
32025
accept-ranges
none
js
www.googletagmanager.com/gtag/ 		218 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-G2VHWVZHBS&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WGJCJ63
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
5b508ce49695885ca62a1edf8fb793beb19ace345806089de5acce175a3bb0f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:05 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77618
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 Feb 2023 20:36:05 GMT
1.png
karma-tracker.nzmedata.co.nz/sink/businessdesk/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://karma-tracker.nzmedata.co.nz/sink/businessdesk/1.png?ci=GA1.1.735292755.1675888564&ui=undefined&oid=undefined&pp=%2Flogin&gtmcb=1643932088
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.169.10 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
10.169.110.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
daf221f738c29d148afbb9bcf0952da9011cc34f7900c8827958e995466a3b3f

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:27:57 GMT
via
1.1 google
age
489
x-guploader-uploadid
ADPycdsGNgAgtexw4HL6W0hVSd4HlCu6YwWoWLeYn9ZgRO3YfFK49Xg_lpdZM-pQEAp6cQ1Bcy7NOi_wpu1wr0KsOa-52w
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18258
last-modified
Mon, 19 Dec 2022 22:59:45 GMT
server
UploadServer
etag
"5851873b6b930a92c83c57c5e40b1c11"
vary
X-Goog-Allowed-Resources
x-goog-hash
crc32c=YpVE5A==, md5=WFGHO2uTCpLIPFfF5AscEQ==
x-goog-generation
1671490785890343
content-type
image/png
cache-control
public,max-age=3600
x-goog-stored-content-length
18258
accept-ranges
bytes
container.html
4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5434 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://businessdesk.co.nz/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 20:36:05 GMT
expires
Thu, 08 Feb 2024 20:36:05 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
analytics.google.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-G2VHWVZHBS&gtm=45je3260&_p=1925303621&_gaz=1&cid=735292755.1675888564&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675888565&sct=1&seg=0&dl=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&dt=BusinessDesk%20%7C%20NZ%20breaking%20news%20and%20commentary%20on%20business%2C%20NZX%20and%20politics&uid=undefined&en=page_view&_fv=1&_ss=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2VHWVZHBS&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.38.181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://businessdesk.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-G2VHWVZHBS&cid=735292755.1675888564&gtm=45je3260&aip=1&uid=undefined
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-G2VHWVZHBS&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://businessdesk.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.nz/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-G2VHWVZHBS&cid=735292755.1675888564&gtm=45je3260&aip=1&uid=undefined&z=1626573165
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 28B4 		624 B
670 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CIiIUBCbiq0BGKmmuckBMAE&v=APEucNUXVE-WJnns4_7XhPYcC91wMOH09IFcbDjpY8ih8Fem0b-qz4FQNR5-2CkvK04t6K_10NyhaJzCmUVsxfPCXqbL-FUjJw
Requested by
Host: 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
URL: https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 20:36:05 GMT
expires
Wed, 08 Feb 2023 20:36:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 5434 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
URL: https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:06 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 08 Feb 2023 20:36:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5434 		42 B
401 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BotM8xN5R_9hIbIH_1lLirPHFNgxhkWD4l3VwQeJ283-WnUvdgM3g4_NXI6-CVQrmuUtaYRCPXpayTeB3VOmXNCRkrvTpvhbENvnxczbLN_gC6Cyk
Requested by
Host: 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
URL: https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5434 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7798099716138501642&x=1&ct=76
Requested by
Host: 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
URL: https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 5434 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
URL: https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 21:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
81761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 21:53:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/ Frame 5434 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230206/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
URL: https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
cafe /
Resource Hash
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 21:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
81761
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7647
x-xss-protection
0
server
cafe
etag
2161395064574532456
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 21 Feb 2023 21:53:25 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5434 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
URL: https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
sffe /
Resource Hash
888fee914ccdd03fcf212b38e80d9da7fc579582e50f886462b139ee0ee9130c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48932
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1675690092087710"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 20:36:05 GMT
utsync.ashx
ml314.com/ 		535 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=84111&ct=js&pi=&fp=&clid=&if=0&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&pv=1675888565875_x0hfjb0yu&bl=en-us&cb=239024&return=&ht=&d=&dc=&si=1675888565875_x0hfjb0yu&cid=&s=1600x1200&rp=&v=2.5.2.2
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?812023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
1a580e618647c66a882b88050750f58a55844c94ad090f5271058508bb7cb894

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:05 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
535
expires
0
ud.ashx
in.ml314.com/ 		20 B
482 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.ml314.com/ud.ashx?topiclimit=&cb=812023&v=2.5.2.2
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?812023
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.43.194.186 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-43-194-186.us-west-2.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:06 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
public
Connection
keep-alive
Content-Length
138
Expires
Thu, 09 Feb 2023 20:36:07 GMT
dc_pre=CLu5-rTjhv0CFctfKwodgh4IVw;src=9751041;type=allsi0;cat=allsi0;ord=7592257066327;gtm=45He3260;auiddc=*;u1=%2Flogin;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin
adservice.google.com/ddm/fls/z/ Frame 6DA6 		42 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLu5-rTjhv0CFctfKwodgh4IVw;src=9751041;type=allsi0;cat=allsi0;ord=7592257066327;gtm=45He3260;auiddc=*;u1=%2Flogin;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin
Requested by
Host: 9751041.fls.doubleclick.net
URL: https://9751041.fls.doubleclick.net/activityi;dc_pre=CLu5-rTjhv0CFctfKwodgh4IVw;src=9751041;type=allsi0;cat=allsi0;ord=7592257066327;gtm=45He3260;auiddc=1631299251.1675888565;u1=%2Flogin;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://9751041.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
storageframe.html
secure-gl.imrworldwide.com/ Frame C055 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-gl.imrworldwide.com/storageframe.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-118.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Referer
https://businessdesk.co.nz/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 20:36:06 GMT
etag
W/"63caaa13-2b27"
last-modified
Fri, 20 Jan 2023 14:49:55 GMT
server
nginx
vary
Accept-Encoding
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-amz-cf-id
2DLpMOVhnrt6vIvAuGoyD7ejgmdcpqAdcOO4l-mDm8Sh9T-9vsmoSw==
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
token
cdn.linkedin.oribi.io/partner/508220483/domain/businessdesk.co.nz/ 		36 B
367 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/508220483/domain/businessdesk.co.nz/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.8.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-26.sin5.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://businessdesk.co.nz/login
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:06 GMT
content-encoding
gzip
via
1.1 b4eebfe47952c39ed1b8a9637b729eb4.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
vary
accept-encoding
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=3600
x-amz-cf-id
fOI9my7Sab2xKi0d-bSaocPjVuCOswfQuaY2ph1MlEW86QujTfzitQ==
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=508220483&time=1675888565964&url=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=508220483&time=1675888565964&url=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&cookiesTest=true
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D508220483%26time%3D1675888565964%26url%3Dhttps%253A%252F%252Fbusinessdesk.co.nz%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=508220483&time=1675888565964&url=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&cookiesTest=true&liSync=true
0
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=508220483&time=1675888565964&url=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&cookiesTest=true&liSync=true
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
HTTP/1.1
Server
108.174.10.20 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
108-174-10-20.fwd.linkedin.com
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:08 GMT
Server
Play
X-Li-Pop
prod-lor1-x
LinkedIn-Action
1
X-Li-Fabric
prod-lor1
Content-Type
application/javascript
X-LI-Proto
http/1.1
Connection
keep-alive
content-length
0
X-LI-UUID
AAX0NjbQcchLCEaBO9SgDQ==

Redirect headers

Date
Wed, 08 Feb 2023 20:36:08 GMT
Content-Security-Policy
default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
X-Content-Type-Options
nosniff
Strict-Transport-Security
max-age=31536000
LinkedIn-Action
1
Connection
keep-alive
content-length
0
X-LI-UUID
AAX0NjbLkGKddm7w4glJSw==
Pragma
no-cache
Server
Play
X-Li-Pop
prod-lor1-x
Expect-CT
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
X-Frame-Options
sameorigin
X-Li-Fabric
prod-lor1
Location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=508220483&time=1675888565964&url=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&cookiesTest=true&liSync=true
Cache-Control
no-cache, no-store
X-LI-Proto
http/1.1
Expires
Thu, 01 Jan 1970 00:00:00 GMT
P3CFAE46C-B826-4E51-A835-3955F0A55ABC.js
cdn-gl.imrworldwide.com/conf/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/P3CFAE46C-B826-4E51-A835-3955F0A55ABC.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-18.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
87b7a32ec284ff3beb145999f06d7a428bcfe07b4df2a24100c9b2a9013c0b6a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
lBf3Sg5m0NIyPiH9xNnpQ0fRDumoBeXd
content-encoding
gzip
via
1.1 f06aaad108598501fc8aab5df5423ad8.cloudfront.net (CloudFront)
date
Wed, 08 Feb 2023 20:36:08 GMT
last-modified
Wed, 08 Feb 2023 17:16:10 GMT
server
AmazonS3
x-amz-cf-pop
SIN52-C3
x-amz-server-side-encryption
AES256
etag
W/"b27bee70dd605abb5c03ffe80875e310"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
184xyp5NiVFSNl7YojLe3yWWg9df0yAZq_mmRhPbEDd2VLe9UnOrDw==
adsct
t.co/i/ 		43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=dca473a1-cdf1-4869-832d-a9a48f2504cf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4d107d5a-f3e9-49bc-99ec-dedc33443ed8&tw_document_href=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6xwj&type=javascript&version=2.3.29
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-response-time
146
date
Wed, 08 Feb 2023 20:36:06 GMT
strict-transport-security
max-age=0
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
7a39e56d1ded4f7c
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
b913db43b599c49e135d5058af64199808a2a959fd6b30ab43578a3066f8516b
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=dca473a1-cdf1-4869-832d-a9a48f2504cf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=4d107d5a-f3e9-49bc-99ec-dedc33443ed8&tw_document_href=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6xwj&type=javascript&version=2.3.29
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_l /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-response-time
148
date
Wed, 08 Feb 2023 20:36:07 GMT
strict-transport-security
max-age=631138519
server
tsa_l
content-type
image/gif;charset=utf-8
x-transaction-id
dc0302bf9d2e18f6
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
fbe22c0b7b3a985cb88fa3c7b93dad41bd20d0e976f9e64e02d40fe2ac4b70a9
content-length
43
dc_pre=CLbi-rTjhv0CFbGUSwUdhCUGBQ;src=10888750;type=rem0;cat=busin0;ord=6094127321208;gtm=45He3260;auiddc=*;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin
adservice.google.com/ddm/fls/z/ Frame A0AD 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CLbi-rTjhv0CFbGUSwUdhCUGBQ;src=10888750;type=rem0;cat=busin0;ord=6094127321208;gtm=45He3260;auiddc=*;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin
Requested by
Host: 10888750.fls.doubleclick.net
URL: https://10888750.fls.doubleclick.net/activityi;dc_pre=CLbi-rTjhv0CFbGUSwUdhCUGBQ;src=10888750;type=rem0;cat=busin0;ord=6094127321208;gtm=45He3260;auiddc=1631299251.1675888565;~oref=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f156.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://10888750.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1925303621&t=pageview&_s=1&dl=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&ul=en-us&de=UTF-8&dt=BusinessDesk%20%7C%20NZ%20breaking%20news%20and%20commentary%20on%20business%2C%20NZX%20and%20politics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=1651290768&gjid=2026755357&cid=735292755.1675888564&uid=undefined&tid=UA-109240259-1&_gid=444111774.1675888566&_r=1&_slc=1&gtm=45He3260n81WGJCJ63&cd1=undefined&cd2=undefined&z=65424609
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://businessdesk.co.nz/login
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://businessdesk.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 28B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM5EmBrLOAH7Jgd36Mx18o&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM5EmBrLOAH7Jgd36Mx18o&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM5EmBrLOAH7Jgd36Mx18o&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIiIUBCbiq0BGKmmuckBMAE&v=APEucNUXVE-WJnns4_7XhPYcC91wMOH09IFcbDjpY8ih8Fem0b-qz4FQNR5-2CkvK04t6K_10NyhaJzCmUVsxfPCXqbL-FUjJw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 20:36:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 20:36:07 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEFM5EmBrLOAH7Jgd36Mx18o&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 28B4
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.QHt9uUteVQd.VblOiRUgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM5EmBrLOAH7Jgd36Mx18o&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM5EmBrLOAH7Jgd36Mx18o&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIiIUBCbiq0BGKmmuckBMAE&v=APEucNUXVE-WJnns4_7XhPYcC91wMOH09IFcbDjpY8ih8Fem0b-qz4FQNR5-2CkvK04t6K_10NyhaJzCmUVsxfPCXqbL-FUjJw
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 20:36:08 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:08 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFM5EmBrLOAH7Jgd36Mx18o&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 28B4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPxi9nFJUJ1km8LSChWsMog&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPxi9nFJUJ1km8LSChWsMog%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPxi9nFJUJ1km8LSChWsMog%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIiIUBCbiq0BGKmmuckBMAE&v=APEucNUXVE-WJnns4_7XhPYcC91wMOH09IFcbDjpY8ih8Fem0b-qz4FQNR5-2CkvK04t6K_10NyhaJzCmUVsxfPCXqbL-FUjJw
Protocol
HTTP/1.1
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 20:36:07 GMT
AN-X-Request-Uuid
15700312-7570-43d5-b6eb-acb8204459e7
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 20:36:07 GMT
AN-X-Request-Uuid
f5094b40-cbaa-4d0c-a3a1-f7645914b123
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEPxi9nFJUJ1km8LSChWsMog%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 28B4
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcyODgwNzk3MDIxMjg5MDY%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcyODgwNzk3MDIxMjg5MDY%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CIiIUBCbiq0BGKmmuckBMAE&v=APEucNUXVE-WJnns4_7XhPYcC91wMOH09IFcbDjpY8ih8Fem0b-qz4FQNR5-2CkvK04t6K_10NyhaJzCmUVsxfPCXqbL-FUjJw
Protocol
H3
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:07 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 08 Feb 2023 20:36:07 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
116.90.74.202; 116.90.74.202; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b02aa768-6e80-4c7a-9d44-06621cf3c508
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzcyODgwNzk3MDIxMjg5MDY%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22052&dpuuid=3633467751924760576&redir=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3633467751924760576&redir=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3633467751924760576&redir=
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
HTTP/1.1
Server
52.89.238.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-89-238-92.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v042-021266661.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
nlAGt0pvS4w=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v042-0a1546aab.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
G5Y/rMbSStA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22052&dpuuid=3633467751924760576&redir=
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
csync.ashx
ml314.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=d0tro1j&ttd_tpi=1
  • https://ml314.com/utsync.ashx?eid=53819&et=0&fp=593f0e26-b6bb-4806-affa-7a9fce1b6a8e&gdpr=0&gdpr_consent=
  • https://ml314.com/csync.ashx?fp=593f0e26-b6bb-4806-affa-7a9fce1b6a8e&person_id=3633467751924760576&eid=53819
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=593f0e26-b6bb-4806-affa-7a9fce1b6a8e&person_id=3633467751924760576&eid=53819
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:07 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 09 Feb 2023 15:36:07 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:07 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
location
https://ml314.com/csync.ashx?fp=593f0e26-b6bb-4806-affa-7a9fce1b6a8e&person_id=3633467751924760576&eid=53819
p3p
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
0,Thu, 09 Feb 2023 15:36:07 GMT
csync.ashx
ml314.com/
Redirect Chain
  • https://sync.crwdcntrl.net/map/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3633467751924760576
  • https://sync.crwdcntrl.net/map/ct=y/c=6985/tp=BOMB?https://ml314.com/csync.ashx%3Ffp%3D%24%7Bprofile_id%7D%26eid%3D50146%26person_id%3D3633467751924760576
  • https://ml314.com/csync.ashx?fp=6f47e58a10c7659f84c66137d0b74e08&eid=50146&person_id=3633467751924760576
43 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/csync.ashx?fp=6f47e58a10c7659f84c66137d0b74e08&eid=50146&person_id=3633467751924760576
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:08 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
image/gif
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 09 Feb 2023 15:36:08 GMT

Redirect headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:07 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://ml314.com/csync.ashx?fp=6f47e58a10c7659f84c66137d0b74e08&eid=50146&person_id=3633467751924760576
cache-control
no-cache
x-server
10.42.25.230
content-length
0
expires
0
match
ps.eyeota.net/
Redirect Chain
  • https://ps.eyeota.net/pixel?pid=r8hrb20&t=gif
  • https://ps.eyeota.net/pixel/bounce/?pid=r8hrb20&t=gif
  • https://ml314.com/utsync.ashx?eid=50052&et=0&fp=2N8qhl6ljfOOBo231tywGpNAKeTOeN8CpR-R9Y2fbC6c&gdpr=0&gdpr_consent=&return=https%3A%2F%2Fps.eyeota.net%2Fmatch%3Fbid%3Dr8hrb20%26uid%3Dnil%26referrer_p...
  • https://ml314.com/csync.ashx?fp=2N8qhl6ljfOOBo231tywGpNAKeTOeN8CpR-R9Y2fbC6c&person_id=3633467751924760576&eid=50052&return=https%3a%2f%2fps.eyeota.net%2fmatch%3fbid%3dr8hrb20%26uid%3dnil%26referre...
  • https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
70 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
HTTP/1.1
Server
18.141.80.142 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-141-80-142.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/gif
Date
Wed, 08 Feb 2023 20:36:08 GMT
Content-Length
70
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

date
Wed, 08 Feb 2023 20:36:08 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
text/html; charset=utf-8
location
https://ps.eyeota.net/match?bid=r8hrb20&uid=nil&referrer_pid=r8hrb20
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
193
expires
Thu, 09 Feb 2023 15:36:08 GMT
collect
stats.g.doubleclick.net/j/ 		7 B
218 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-109240259-1&cid=735292755.1675888564&jid=1651290768&uid=undefined&gjid=2026755357&_gid=444111774.1675888566&_u=YADAAEAAAAAAACAAI~&z=1373244822
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://businessdesk.co.nz/login
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 08 Feb 2023 20:36:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://businessdesk.co.nz
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
511504383055799
connect.facebook.net/signals/config/ 		378 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/511504383055799?v=2.9.95&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.13.19 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-sin6.fbcdn.net
Software
/
Resource Hash
78cf2679978a70b41384ddffe97a37dd89d4e5775092725b8d36d7c515cbe02c
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 08 Feb 2023 20:36:07 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
56/CKKUU7vudZg98L5ThmxBo6+E/wZEXsuaDd0UuxD4i+Xd3foxOAwkBRjRSmAnjAhlhHfbWDNJ6mjM2Tcimhg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
548340344
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-109240259-1&cid=735292755.1675888564&jid=1651290768&_u=YADAAEAAAAAAACAAI~&z=1420549627
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f104.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.nz/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.nz/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-109240259-1&cid=735292755.1675888564&jid=1651290768&_u=YADAAEAAAAAAACAAI~&z=1420549627
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:07 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5434 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6978441434630&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5434 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6978441434630&version=m202301230201&ct=76&x=1&cor=7798099716138502000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 5434 		55 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPV374MznStCYPVNaPBOowvEKwW6iQmNevzRHvva3Iojq7K7HXY225VaiOnfR8R4XXkUumQOjgJyX3vVfF5u0kHWWf7DwY7zsfBhuMaVxdWDtO7P7jQdqxLlNOHJFMrTcvDlX7_hxXskYeFUGQg1ONRXUDAhk-jAsymBP2KI9Cjvm2LEU&dbm_d=AKAmf-Bbq2Puz7REUoDkCh2I1gRPix7l_jhbUB8YVPA8Hp4LWSLcrUJ2vXwbU-oDF38nS33P7TzoKq0a2Ro87zOPVKOMsxBdMGyvaG9dznJ5OMSvoQL1ZUoCUCsJ51kkZoBRQyvKN_SU_SsNXhewHwf0GHw0r_s8_D35nTleXEv7tGze3Vo61eXNzcbhN2swt1K0oL05fPDCrF7OeFGqlSFIsK1ti2vnwtgiGQFeHHOf3XxSeqAXdP3roHhB9leFddygCy1h2M9ADDw78LldFO4STZNMbzWXCYAcoX-C1V_cvGfnz8PaKJhzUkSvqFgx1ba51N6TyRjRP_oXudewUn9dOxTidaFxAKhRrpvHOjiOorkpoTdOrHdU2tehhnoHhYhMbtQoSGF2kEZ2-ZCRX4bRgDEpOqr3NNWoxdkm3PgCDDQjudgq2Dm41ClFKTiiBPQHjZyJq3hzyFTsz4LTNSp5gKXTIRZefX54fY0ddNiM27dXhd9KhgxCdTyeo-oNwXgpdwMk2AqxIo2btvkma7c4STZ5mMpslxyIO7Lng6MZMeBnEFLGy_sweZqrbN9OrIB4Sy3HnGB9ccRyW3N_wIyY8-jlek_t1ZlP8rBqqV5Wxkz5AMWqFtjlG4Sh7yRzJ9yL33Lpv7ez_iyZCUaWBD5z-rM-70yyKQ2BMp1q2giY42MrdOF02tk-EqHj1z75CO0LayYn7CjYLszF08jFAYxLChGIbACERx0gVrNV-nd7IS8P5a8mQDF2X3X7Rchm1OQPOO3XHkScYhyf_UIbddwhhCOfx3Wpnf4Z5_Y6Wj4pERgQes0PTxcGOl9EI36ml24FEb55UDk7EXM9np3WeVvtCLCWIga6R5SU7ZzuvNKyCb82bDx4RN60jEhkR0cJOyFlY_yYwsOova4mQwCZN0Ol1yGlW6Rq8pDka7tW7rZHvn1FcGRb7iAbouAGE08Z7vXWjRxD0ovkCVF7653PvMSBZ7wtxxbKcIyCjjVv8OUtTo994tSWHSSIT1K81emAZIU64sNyS1QiWkCxweQ1-k-K4Ztcw5Lf4vtyo7s_MvDW-sSf4QD1AcxyuN3U-84eOqvomQLxqhpy3g2GWx2eN0yS50syIUcxdAHv6d6QTKLxDTIuAD1yvJwF28CALcVF0e2tVLuvyJXcH0C-PXEsstUeid4gJnOa8BlxPo_7kbWpXYUtroXpaUUkTS9Apa-RfP6RzjA9WeV6RTGadTeZEjTX3HBa3x9A0DwaTkWnF75Lx_JC0m4YmMS7_Yg0QdT4xHET7TBgC0SZr6BmfYEO_bgLNvRYrOJ2GETUyLXc5ttyJ2laP-xo4e9QoxO8WFc5N-c-HHrPl_H0zUf03FM2rMx0pOFmjLrBMDimrgmauPdvQ_EbzJ2fRQ2H1MqNIYo231Bsk8RSofUMpQ1B6SMZEHKLPaHEkSegREGhSZorCC9upkBl-kbaRpT5NTICDn5lxQytMlFIeIkzWOlRHT78YxVF4p_xkrT0BP0wJKdh7RR-pj-iEdpX0IwT0uTa14mGFAz911E1964O3O0XwHHyoYZT3-B8byF4Z4ksMgLEUCUL0p5y7PK1x3EuYirKYDy4PalbO0KErYHgs_xvYHdJ0XOWO75eBASxtPj3jFuM_RzMxlKlXkDrnEqSElYvH67qQCobgGKZyyMS2DhR3MrzCjohT2kSZGxLoCAcbVkb-hxS9NBDafWLkOZEoXRmLUdXu53XkEh8dMEuHSP7CGSyEtKeanBetmq-_J3jZR4KWCuF2Y0O9pZvejmjD0Ap0T-Wh7M8GJjE7dMYS9RzPQAr5OfAv9oUPHgbdFHDbUbHMk5gz2QBYp3oWyhKvi8zcVidZQ42hlSZYvjIuy68Jnd9lHwvsGYoAU6JOOg1XoTn9p_k46iZgYT0a_KK6yJbKZWukluGhyh2uffNC-Mqf6Ekf5AeIqdhhS_jGvsrblzc2pIl5952JG_zZqcpv53D9k5Lug9LRjv7L2f9RBJHlqjHjhF1G_sLKOzGXieK3GTDmhPsP8nQ4NX6y0z9U35arylHRVFbx3vCcPn7QseuR-t-Svxn_U9FUCIJXaR7QBavx7xmSWqFTpHCyVcFLcy9z-VZDYoGfozoP7D0KLGrgTEOYPySpq-xk0CEbRb6dz3ghUCfacmkEFVC-WdL6X2As6mGOvsAz5vEJzN-d3S2hUfxkYJB4Iw7sncjTejYPZKxAN0clMojkmXr0lPfMY_19-PCvHq6hj0oEGKCYLItlKSjouBfbfDfdg4zsu3W9RTvokb_LN8HZaOcspptAd_9X3SaRvi1H-Db-X_b07mMa61uHz9Bv4FN5Orgq0C7GqyhLSn-DDFTZ5BY4PI-FhY53cyDnutTJZ3iNkOQtH5PIBmn_qtdmiIF8MKliTk8p7S-Z4pJWkASLCvL6irGZzx1li-k80mDGjbSLaFP6olecdxIeFbX3smZwfbURdVYZFtb5bVmfJZWYjawlh7Gr3seNGjyBR3Org-gBUSxuR16IxJUhh584TvYAHK9Sv1PMeVzyV-6QYJexjNh5FB3fOR_pEiPF7wAL6UBWEgIeW7Y8XyYcoFdOl1sp6Az9tk4hY960YVQGgF-UFl2Qhk8-FWgSD9ax_Oh3tq9ABpog4PppzWqAsqJZ2e39BLLxSrya44KPmN6Vlqxx1r7ex3eaCERZA5XDFuRehdh5qPhJrbFTHedlokFjNxYm38zH1ovmvXwpVdX5UVmpbKXJzkRARPiHvTUrnFwDZID-VNqXVYDqbQF5HrW9xJo_cVSJS4vpJ0PmbkrBLVppOvuHHixFoL6GMzxKPzXScxSJV_LaGcL044q8eocWpj90UyKFw9yckzhIoLYVWt2-ATKYBfF0u8nQi17LGgBPYI8xLKMQFSjWjRXJ7q8fr3LxSFfmLEKt117Am3F3cD1u1JstbygUXLT_q0l7NLNglhNV9pPGhToPfCrOJmIcTGCkBzz3NrAYsCoTtQqFA7eDkct4eXKPwWqI4lVcJqPOicpARxeWHs-j76Y1GMDPPPWNwr6Ia_AtSzC1IoQMET0aacZtw_Qt6vwJ7YV56MASlKeTYzmeacF9Ii2wGuELYrjv35HiI9VZiniuVUHkx0OJXzMbZaM1jd8yngJX_lmQlDKWWRwzfD4DceMxiH3YNKBTtJD9Z2EzG8LuzAFYbD5-QpwzJT-LxwV_bC6A1BxYCECNjD-YTnQujliRWEiOQB2DajqPjvZeCC-WwUoewBa9tG9sKCjumTokHJIyeeISsM7R8o-6wMrKGGOP2SfE--rTiL4kVucbV_fFb1ZmfbJMGSSSoucVZQ8D3WjbNe0ARc8aFl_YwCA7J51wWL_8oUIHLc4X3acSJdWacgP6dvkzN3VnAfh7tj2Uw8B5Ka3jlyssOX3ljWinObbx-5Dkv0xEM-NBiRyAB6ZC5QkmmLASPQ5cH8Eh7zBPO2ivAEVD0-VPw5WCyab_T5OB_zlPjakdJhyNNuKe8N4QnVox2QWZaUhRgk&cid=CAQSSwDUE5ymLgDoO8FXRlFoJo_aMxLF8tmA_spPU8YWnAZkIaU5tH8JC5btDRD8BL8pFRkCl0EeleFuoLMLgBPrgFrsLXr3P-2_pJ_MFBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&ds=l&xdt=1&iif=1&cor=7798099716138502000&adk=1964084972&idt=985&cac=0&dtd=8
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f154.1e100.net
Software
cafe /
Resource Hash
d2e54b39dcd2bb517ddbec35ad05dc8d61b3b5e475d56468a4b3db2e14856de0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:06 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22913
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/ Frame 5434 		29 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPV374MznStCYPVNaPBOowvEKwW6iQmNevzRHvva3Iojq7K7HXY225VaiOnfR8R4XXkUumQOjgJyX3vVfF5u0kHWWf7DwY7zsfBhuMaVxdWDtO7P7jQdqxLlNOHJFMrTcvDlX7_hxXskYeFUGQg1ONRXUDAhk-jAsymBP2KI9Cjvm2LEU&dbm_d=AKAmf-Bbq2Puz7REUoDkCh2I1gRPix7l_jhbUB8YVPA8Hp4LWSLcrUJ2vXwbU-oDF38nS33P7TzoKq0a2Ro87zOPVKOMsxBdMGyvaG9dznJ5OMSvoQL1ZUoCUCsJ51kkZoBRQyvKN_SU_SsNXhewHwf0GHw0r_s8_D35nTleXEv7tGze3Vo61eXNzcbhN2swt1K0oL05fPDCrF7OeFGqlSFIsK1ti2vnwtgiGQFeHHOf3XxSeqAXdP3roHhB9leFddygCy1h2M9ADDw78LldFO4STZNMbzWXCYAcoX-C1V_cvGfnz8PaKJhzUkSvqFgx1ba51N6TyRjRP_oXudewUn9dOxTidaFxAKhRrpvHOjiOorkpoTdOrHdU2tehhnoHhYhMbtQoSGF2kEZ2-ZCRX4bRgDEpOqr3NNWoxdkm3PgCDDQjudgq2Dm41ClFKTiiBPQHjZyJq3hzyFTsz4LTNSp5gKXTIRZefX54fY0ddNiM27dXhd9KhgxCdTyeo-oNwXgpdwMk2AqxIo2btvkma7c4STZ5mMpslxyIO7Lng6MZMeBnEFLGy_sweZqrbN9OrIB4Sy3HnGB9ccRyW3N_wIyY8-jlek_t1ZlP8rBqqV5Wxkz5AMWqFtjlG4Sh7yRzJ9yL33Lpv7ez_iyZCUaWBD5z-rM-70yyKQ2BMp1q2giY42MrdOF02tk-EqHj1z75CO0LayYn7CjYLszF08jFAYxLChGIbACERx0gVrNV-nd7IS8P5a8mQDF2X3X7Rchm1OQPOO3XHkScYhyf_UIbddwhhCOfx3Wpnf4Z5_Y6Wj4pERgQes0PTxcGOl9EI36ml24FEb55UDk7EXM9np3WeVvtCLCWIga6R5SU7ZzuvNKyCb82bDx4RN60jEhkR0cJOyFlY_yYwsOova4mQwCZN0Ol1yGlW6Rq8pDka7tW7rZHvn1FcGRb7iAbouAGE08Z7vXWjRxD0ovkCVF7653PvMSBZ7wtxxbKcIyCjjVv8OUtTo994tSWHSSIT1K81emAZIU64sNyS1QiWkCxweQ1-k-K4Ztcw5Lf4vtyo7s_MvDW-sSf4QD1AcxyuN3U-84eOqvomQLxqhpy3g2GWx2eN0yS50syIUcxdAHv6d6QTKLxDTIuAD1yvJwF28CALcVF0e2tVLuvyJXcH0C-PXEsstUeid4gJnOa8BlxPo_7kbWpXYUtroXpaUUkTS9Apa-RfP6RzjA9WeV6RTGadTeZEjTX3HBa3x9A0DwaTkWnF75Lx_JC0m4YmMS7_Yg0QdT4xHET7TBgC0SZr6BmfYEO_bgLNvRYrOJ2GETUyLXc5ttyJ2laP-xo4e9QoxO8WFc5N-c-HHrPl_H0zUf03FM2rMx0pOFmjLrBMDimrgmauPdvQ_EbzJ2fRQ2H1MqNIYo231Bsk8RSofUMpQ1B6SMZEHKLPaHEkSegREGhSZorCC9upkBl-kbaRpT5NTICDn5lxQytMlFIeIkzWOlRHT78YxVF4p_xkrT0BP0wJKdh7RR-pj-iEdpX0IwT0uTa14mGFAz911E1964O3O0XwHHyoYZT3-B8byF4Z4ksMgLEUCUL0p5y7PK1x3EuYirKYDy4PalbO0KErYHgs_xvYHdJ0XOWO75eBASxtPj3jFuM_RzMxlKlXkDrnEqSElYvH67qQCobgGKZyyMS2DhR3MrzCjohT2kSZGxLoCAcbVkb-hxS9NBDafWLkOZEoXRmLUdXu53XkEh8dMEuHSP7CGSyEtKeanBetmq-_J3jZR4KWCuF2Y0O9pZvejmjD0Ap0T-Wh7M8GJjE7dMYS9RzPQAr5OfAv9oUPHgbdFHDbUbHMk5gz2QBYp3oWyhKvi8zcVidZQ42hlSZYvjIuy68Jnd9lHwvsGYoAU6JOOg1XoTn9p_k46iZgYT0a_KK6yJbKZWukluGhyh2uffNC-Mqf6Ekf5AeIqdhhS_jGvsrblzc2pIl5952JG_zZqcpv53D9k5Lug9LRjv7L2f9RBJHlqjHjhF1G_sLKOzGXieK3GTDmhPsP8nQ4NX6y0z9U35arylHRVFbx3vCcPn7QseuR-t-Svxn_U9FUCIJXaR7QBavx7xmSWqFTpHCyVcFLcy9z-VZDYoGfozoP7D0KLGrgTEOYPySpq-xk0CEbRb6dz3ghUCfacmkEFVC-WdL6X2As6mGOvsAz5vEJzN-d3S2hUfxkYJB4Iw7sncjTejYPZKxAN0clMojkmXr0lPfMY_19-PCvHq6hj0oEGKCYLItlKSjouBfbfDfdg4zsu3W9RTvokb_LN8HZaOcspptAd_9X3SaRvi1H-Db-X_b07mMa61uHz9Bv4FN5Orgq0C7GqyhLSn-DDFTZ5BY4PI-FhY53cyDnutTJZ3iNkOQtH5PIBmn_qtdmiIF8MKliTk8p7S-Z4pJWkASLCvL6irGZzx1li-k80mDGjbSLaFP6olecdxIeFbX3smZwfbURdVYZFtb5bVmfJZWYjawlh7Gr3seNGjyBR3Org-gBUSxuR16IxJUhh584TvYAHK9Sv1PMeVzyV-6QYJexjNh5FB3fOR_pEiPF7wAL6UBWEgIeW7Y8XyYcoFdOl1sp6Az9tk4hY960YVQGgF-UFl2Qhk8-FWgSD9ax_Oh3tq9ABpog4PppzWqAsqJZ2e39BLLxSrya44KPmN6Vlqxx1r7ex3eaCERZA5XDFuRehdh5qPhJrbFTHedlokFjNxYm38zH1ovmvXwpVdX5UVmpbKXJzkRARPiHvTUrnFwDZID-VNqXVYDqbQF5HrW9xJo_cVSJS4vpJ0PmbkrBLVppOvuHHixFoL6GMzxKPzXScxSJV_LaGcL044q8eocWpj90UyKFw9yckzhIoLYVWt2-ATKYBfF0u8nQi17LGgBPYI8xLKMQFSjWjRXJ7q8fr3LxSFfmLEKt117Am3F3cD1u1JstbygUXLT_q0l7NLNglhNV9pPGhToPfCrOJmIcTGCkBzz3NrAYsCoTtQqFA7eDkct4eXKPwWqI4lVcJqPOicpARxeWHs-j76Y1GMDPPPWNwr6Ia_AtSzC1IoQMET0aacZtw_Qt6vwJ7YV56MASlKeTYzmeacF9Ii2wGuELYrjv35HiI9VZiniuVUHkx0OJXzMbZaM1jd8yngJX_lmQlDKWWRwzfD4DceMxiH3YNKBTtJD9Z2EzG8LuzAFYbD5-QpwzJT-LxwV_bC6A1BxYCECNjD-YTnQujliRWEiOQB2DajqPjvZeCC-WwUoewBa9tG9sKCjumTokHJIyeeISsM7R8o-6wMrKGGOP2SfE--rTiL4kVucbV_fFb1ZmfbJMGSSSoucVZQ8D3WjbNe0ARc8aFl_YwCA7J51wWL_8oUIHLc4X3acSJdWacgP6dvkzN3VnAfh7tj2Uw8B5Ka3jlyssOX3ljWinObbx-5Dkv0xEM-NBiRyAB6ZC5QkmmLASPQ5cH8Eh7zBPO2ivAEVD0-VPw5WCyab_T5OB_zlPjakdJhyNNuKe8N4QnVox2QWZaUhRgk&cid=CAQSSwDUE5ymLgDoO8FXRlFoJo_aMxLF8tmA_spPU8YWnAZkIaU5tH8JC5btDRD8BL8pFRkCl0EeleFuoLMLgBPrgFrsLXr3P-2_pJ_MFBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&ds=l&xdt=1&iif=1&cor=7798099716138502000&adk=1964084972&idt=985&cac=0&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
2c2deb2c4402dd1ca1fc690f73a7d1f7f4cc2d37001b3ee5a3535d813cbdb11f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 15:55:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
16816
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10982
x-xss-protection
0
server
cafe
etag
3642240749246652247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 15:55:51 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/ Frame 5434 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230206/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPV374MznStCYPVNaPBOowvEKwW6iQmNevzRHvva3Iojq7K7HXY225VaiOnfR8R4XXkUumQOjgJyX3vVfF5u0kHWWf7DwY7zsfBhuMaVxdWDtO7P7jQdqxLlNOHJFMrTcvDlX7_hxXskYeFUGQg1ONRXUDAhk-jAsymBP2KI9Cjvm2LEU&dbm_d=AKAmf-Bbq2Puz7REUoDkCh2I1gRPix7l_jhbUB8YVPA8Hp4LWSLcrUJ2vXwbU-oDF38nS33P7TzoKq0a2Ro87zOPVKOMsxBdMGyvaG9dznJ5OMSvoQL1ZUoCUCsJ51kkZoBRQyvKN_SU_SsNXhewHwf0GHw0r_s8_D35nTleXEv7tGze3Vo61eXNzcbhN2swt1K0oL05fPDCrF7OeFGqlSFIsK1ti2vnwtgiGQFeHHOf3XxSeqAXdP3roHhB9leFddygCy1h2M9ADDw78LldFO4STZNMbzWXCYAcoX-C1V_cvGfnz8PaKJhzUkSvqFgx1ba51N6TyRjRP_oXudewUn9dOxTidaFxAKhRrpvHOjiOorkpoTdOrHdU2tehhnoHhYhMbtQoSGF2kEZ2-ZCRX4bRgDEpOqr3NNWoxdkm3PgCDDQjudgq2Dm41ClFKTiiBPQHjZyJq3hzyFTsz4LTNSp5gKXTIRZefX54fY0ddNiM27dXhd9KhgxCdTyeo-oNwXgpdwMk2AqxIo2btvkma7c4STZ5mMpslxyIO7Lng6MZMeBnEFLGy_sweZqrbN9OrIB4Sy3HnGB9ccRyW3N_wIyY8-jlek_t1ZlP8rBqqV5Wxkz5AMWqFtjlG4Sh7yRzJ9yL33Lpv7ez_iyZCUaWBD5z-rM-70yyKQ2BMp1q2giY42MrdOF02tk-EqHj1z75CO0LayYn7CjYLszF08jFAYxLChGIbACERx0gVrNV-nd7IS8P5a8mQDF2X3X7Rchm1OQPOO3XHkScYhyf_UIbddwhhCOfx3Wpnf4Z5_Y6Wj4pERgQes0PTxcGOl9EI36ml24FEb55UDk7EXM9np3WeVvtCLCWIga6R5SU7ZzuvNKyCb82bDx4RN60jEhkR0cJOyFlY_yYwsOova4mQwCZN0Ol1yGlW6Rq8pDka7tW7rZHvn1FcGRb7iAbouAGE08Z7vXWjRxD0ovkCVF7653PvMSBZ7wtxxbKcIyCjjVv8OUtTo994tSWHSSIT1K81emAZIU64sNyS1QiWkCxweQ1-k-K4Ztcw5Lf4vtyo7s_MvDW-sSf4QD1AcxyuN3U-84eOqvomQLxqhpy3g2GWx2eN0yS50syIUcxdAHv6d6QTKLxDTIuAD1yvJwF28CALcVF0e2tVLuvyJXcH0C-PXEsstUeid4gJnOa8BlxPo_7kbWpXYUtroXpaUUkTS9Apa-RfP6RzjA9WeV6RTGadTeZEjTX3HBa3x9A0DwaTkWnF75Lx_JC0m4YmMS7_Yg0QdT4xHET7TBgC0SZr6BmfYEO_bgLNvRYrOJ2GETUyLXc5ttyJ2laP-xo4e9QoxO8WFc5N-c-HHrPl_H0zUf03FM2rMx0pOFmjLrBMDimrgmauPdvQ_EbzJ2fRQ2H1MqNIYo231Bsk8RSofUMpQ1B6SMZEHKLPaHEkSegREGhSZorCC9upkBl-kbaRpT5NTICDn5lxQytMlFIeIkzWOlRHT78YxVF4p_xkrT0BP0wJKdh7RR-pj-iEdpX0IwT0uTa14mGFAz911E1964O3O0XwHHyoYZT3-B8byF4Z4ksMgLEUCUL0p5y7PK1x3EuYirKYDy4PalbO0KErYHgs_xvYHdJ0XOWO75eBASxtPj3jFuM_RzMxlKlXkDrnEqSElYvH67qQCobgGKZyyMS2DhR3MrzCjohT2kSZGxLoCAcbVkb-hxS9NBDafWLkOZEoXRmLUdXu53XkEh8dMEuHSP7CGSyEtKeanBetmq-_J3jZR4KWCuF2Y0O9pZvejmjD0Ap0T-Wh7M8GJjE7dMYS9RzPQAr5OfAv9oUPHgbdFHDbUbHMk5gz2QBYp3oWyhKvi8zcVidZQ42hlSZYvjIuy68Jnd9lHwvsGYoAU6JOOg1XoTn9p_k46iZgYT0a_KK6yJbKZWukluGhyh2uffNC-Mqf6Ekf5AeIqdhhS_jGvsrblzc2pIl5952JG_zZqcpv53D9k5Lug9LRjv7L2f9RBJHlqjHjhF1G_sLKOzGXieK3GTDmhPsP8nQ4NX6y0z9U35arylHRVFbx3vCcPn7QseuR-t-Svxn_U9FUCIJXaR7QBavx7xmSWqFTpHCyVcFLcy9z-VZDYoGfozoP7D0KLGrgTEOYPySpq-xk0CEbRb6dz3ghUCfacmkEFVC-WdL6X2As6mGOvsAz5vEJzN-d3S2hUfxkYJB4Iw7sncjTejYPZKxAN0clMojkmXr0lPfMY_19-PCvHq6hj0oEGKCYLItlKSjouBfbfDfdg4zsu3W9RTvokb_LN8HZaOcspptAd_9X3SaRvi1H-Db-X_b07mMa61uHz9Bv4FN5Orgq0C7GqyhLSn-DDFTZ5BY4PI-FhY53cyDnutTJZ3iNkOQtH5PIBmn_qtdmiIF8MKliTk8p7S-Z4pJWkASLCvL6irGZzx1li-k80mDGjbSLaFP6olecdxIeFbX3smZwfbURdVYZFtb5bVmfJZWYjawlh7Gr3seNGjyBR3Org-gBUSxuR16IxJUhh584TvYAHK9Sv1PMeVzyV-6QYJexjNh5FB3fOR_pEiPF7wAL6UBWEgIeW7Y8XyYcoFdOl1sp6Az9tk4hY960YVQGgF-UFl2Qhk8-FWgSD9ax_Oh3tq9ABpog4PppzWqAsqJZ2e39BLLxSrya44KPmN6Vlqxx1r7ex3eaCERZA5XDFuRehdh5qPhJrbFTHedlokFjNxYm38zH1ovmvXwpVdX5UVmpbKXJzkRARPiHvTUrnFwDZID-VNqXVYDqbQF5HrW9xJo_cVSJS4vpJ0PmbkrBLVppOvuHHixFoL6GMzxKPzXScxSJV_LaGcL044q8eocWpj90UyKFw9yckzhIoLYVWt2-ATKYBfF0u8nQi17LGgBPYI8xLKMQFSjWjRXJ7q8fr3LxSFfmLEKt117Am3F3cD1u1JstbygUXLT_q0l7NLNglhNV9pPGhToPfCrOJmIcTGCkBzz3NrAYsCoTtQqFA7eDkct4eXKPwWqI4lVcJqPOicpARxeWHs-j76Y1GMDPPPWNwr6Ia_AtSzC1IoQMET0aacZtw_Qt6vwJ7YV56MASlKeTYzmeacF9Ii2wGuELYrjv35HiI9VZiniuVUHkx0OJXzMbZaM1jd8yngJX_lmQlDKWWRwzfD4DceMxiH3YNKBTtJD9Z2EzG8LuzAFYbD5-QpwzJT-LxwV_bC6A1BxYCECNjD-YTnQujliRWEiOQB2DajqPjvZeCC-WwUoewBa9tG9sKCjumTokHJIyeeISsM7R8o-6wMrKGGOP2SfE--rTiL4kVucbV_fFb1ZmfbJMGSSSoucVZQ8D3WjbNe0ARc8aFl_YwCA7J51wWL_8oUIHLc4X3acSJdWacgP6dvkzN3VnAfh7tj2Uw8B5Ka3jlyssOX3ljWinObbx-5Dkv0xEM-NBiRyAB6ZC5QkmmLASPQ5cH8Eh7zBPO2ivAEVD0-VPw5WCyab_T5OB_zlPjakdJhyNNuKe8N4QnVox2QWZaUhRgk&cid=CAQSSwDUE5ymLgDoO8FXRlFoJo_aMxLF8tmA_spPU8YWnAZkIaU5tH8JC5btDRD8BL8pFRkCl0EeleFuoLMLgBPrgFrsLXr3P-2_pJ_MFBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&ds=l&xdt=1&iif=1&cor=7798099716138502000&adk=1964084972&idt=985&cac=0&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 15:57:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
16726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 22 Feb 2023 15:57:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5434 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstb9AIpc-UEAGzY11KEWnvRlDP7SNRp6NhO_0FawFDaNhSAvOznMzjkyINmBybPhv2VG9zCuvp07eekrESgIRDE9iaCcVVLuSSln6-hzeVYEXYH0l6jyx7BZGbky5Fhp5cjaRBMlulBHZEtMOa0ab31aDJJda_DplZaUL4zcNXT5rwMLIE304UMdR_wNgl7hb9DpfEDPsh4TTjUnrgUmfUwalnpiELRses0tWS1TF0rMepAvNa8I0M_vC73HM6Yh-E5r__F5Xde-4P7sJG-50Bzbi-XTOsMBUwX4lgFTzVC7ecUH_g3hDy_Rg5F2_JDMNIDeul6k2TCPuxKu9pikz4ED7xv6fwVviVM6Njjg1RKG4_tbvANAqwPgmIpZBIVbDG_vCrZd5CTIFWI8j7X6s5l4nBIxeQUuk_u-q4lIjP32aep-C1yX2HPd6xxw6r1HOQQ9GKCSJrDTer4LCG19OrSekszOs40TU3u0-5sSbWvolj-Dwm8VyPQ_pAtfhSv7Q-cI1bCBPOGWuvkqjWPBG_Bl39b9e9L56KSzmV1jkEq0e2eRI3iIcijv1vHdLt0Fm0mRzKQxoAyRzszzX5vNET-RvkkIoYzOrhW75tG3d6CEEFSTptAhljj56U_8NBZDPoFAUV7ZrusGDyviIBenBby4EMkPATbMlVwWgBy72KmS-dsEfq4rRBlnhFD_unlG1bf4UjosQNP_FfYlcn1zAKCGpcoR06U1VfFdFc7RwfBYmaTg-WMau1Nu4-h_Ib4TVLYwdPTDaXBcxE2XAynUSzjYtNxMNLhUf-L9U8igpYdFfkoBVCv4s2TYSy1bo_JUiwj-toFjdsjlKrOwwVsBbDapeAz3QMmADmIQHliibJUNQ66B4LhHf6fxgmZaNMLR2ZKJt7im0bTlKgOVkXYQxwUChVv5axjDHpjYJVC9bHJ0P7tLsD6gP2t60fcGSjBbP1hx5gBxnFucMNblprhmnEfklmz3ijGq786SeIg3COD3d7W8q_UKP1r8PXpNYDx_RsgzbB0X6we75MJY8QN-4Swjp_bgSGJui8660dk_gMQaqwxr4fHCQMkDkWTjiO84DJr_YI5oTU3szmDTJ1mEqy39jwqOnyHqpZKqzQjnk6XL9Tb7JJWW0Fg-T2BP6yUFl8__AYyunT_nRL8PUO5WwLeAgLlQUrajsN3hFWhvstEJ2JixCdyKQ1EV2T3AJ2ZyW1_HjlqqxkuZmtlDZv3CFP9eTYXAkA0hxsOoDi-PbfRDbrvWRO3CoE60KpJ7IiAIVhpWHXxFyfs&sai=AMfl-YQD7igFLbF17BCkIMmtP85058uSfrh1VjEv06w7h3kqkQ8lgpfqponlHSvZ3Whg0OPZFGBrGsnjinRzyqSUyLjURgCIHW4lmbsWK5qN_bNjL8bAzZRLPrNOqveGnjbUw62V_btpzHEswFcWwMgn2_TRaDcMqn_38UMJw09Lxd2sW-_Hno5WHuRp101Ie43KGsTDHrCrRM063NrDBSrX_Ef56pxG9aN_zI_u8aXNzNavDNxjrzmrPWUz9IHE7fakmX8wyRZVgbbn3cGoAZ_rxSTW_0RsKfD0wCmfnNaV2hT9i4HzgJDY2o0lVA&sig=Cg0ArKJSzErWDknpLUoEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230206.49035&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPV374MznStCYPVNaPBOowvEKwW6iQmNevzRHvva3Iojq7K7HXY225VaiOnfR8R4XXkUumQOjgJyX3vVfF5u0kHWWf7DwY7zsfBhuMaVxdWDtO7P7jQdqxLlNOHJFMrTcvDlX7_hxXskYeFUGQg1ONRXUDAhk-jAsymBP2KI9Cjvm2LEU&dbm_d=AKAmf-Bbq2Puz7REUoDkCh2I1gRPix7l_jhbUB8YVPA8Hp4LWSLcrUJ2vXwbU-oDF38nS33P7TzoKq0a2Ro87zOPVKOMsxBdMGyvaG9dznJ5OMSvoQL1ZUoCUCsJ51kkZoBRQyvKN_SU_SsNXhewHwf0GHw0r_s8_D35nTleXEv7tGze3Vo61eXNzcbhN2swt1K0oL05fPDCrF7OeFGqlSFIsK1ti2vnwtgiGQFeHHOf3XxSeqAXdP3roHhB9leFddygCy1h2M9ADDw78LldFO4STZNMbzWXCYAcoX-C1V_cvGfnz8PaKJhzUkSvqFgx1ba51N6TyRjRP_oXudewUn9dOxTidaFxAKhRrpvHOjiOorkpoTdOrHdU2tehhnoHhYhMbtQoSGF2kEZ2-ZCRX4bRgDEpOqr3NNWoxdkm3PgCDDQjudgq2Dm41ClFKTiiBPQHjZyJq3hzyFTsz4LTNSp5gKXTIRZefX54fY0ddNiM27dXhd9KhgxCdTyeo-oNwXgpdwMk2AqxIo2btvkma7c4STZ5mMpslxyIO7Lng6MZMeBnEFLGy_sweZqrbN9OrIB4Sy3HnGB9ccRyW3N_wIyY8-jlek_t1ZlP8rBqqV5Wxkz5AMWqFtjlG4Sh7yRzJ9yL33Lpv7ez_iyZCUaWBD5z-rM-70yyKQ2BMp1q2giY42MrdOF02tk-EqHj1z75CO0LayYn7CjYLszF08jFAYxLChGIbACERx0gVrNV-nd7IS8P5a8mQDF2X3X7Rchm1OQPOO3XHkScYhyf_UIbddwhhCOfx3Wpnf4Z5_Y6Wj4pERgQes0PTxcGOl9EI36ml24FEb55UDk7EXM9np3WeVvtCLCWIga6R5SU7ZzuvNKyCb82bDx4RN60jEhkR0cJOyFlY_yYwsOova4mQwCZN0Ol1yGlW6Rq8pDka7tW7rZHvn1FcGRb7iAbouAGE08Z7vXWjRxD0ovkCVF7653PvMSBZ7wtxxbKcIyCjjVv8OUtTo994tSWHSSIT1K81emAZIU64sNyS1QiWkCxweQ1-k-K4Ztcw5Lf4vtyo7s_MvDW-sSf4QD1AcxyuN3U-84eOqvomQLxqhpy3g2GWx2eN0yS50syIUcxdAHv6d6QTKLxDTIuAD1yvJwF28CALcVF0e2tVLuvyJXcH0C-PXEsstUeid4gJnOa8BlxPo_7kbWpXYUtroXpaUUkTS9Apa-RfP6RzjA9WeV6RTGadTeZEjTX3HBa3x9A0DwaTkWnF75Lx_JC0m4YmMS7_Yg0QdT4xHET7TBgC0SZr6BmfYEO_bgLNvRYrOJ2GETUyLXc5ttyJ2laP-xo4e9QoxO8WFc5N-c-HHrPl_H0zUf03FM2rMx0pOFmjLrBMDimrgmauPdvQ_EbzJ2fRQ2H1MqNIYo231Bsk8RSofUMpQ1B6SMZEHKLPaHEkSegREGhSZorCC9upkBl-kbaRpT5NTICDn5lxQytMlFIeIkzWOlRHT78YxVF4p_xkrT0BP0wJKdh7RR-pj-iEdpX0IwT0uTa14mGFAz911E1964O3O0XwHHyoYZT3-B8byF4Z4ksMgLEUCUL0p5y7PK1x3EuYirKYDy4PalbO0KErYHgs_xvYHdJ0XOWO75eBASxtPj3jFuM_RzMxlKlXkDrnEqSElYvH67qQCobgGKZyyMS2DhR3MrzCjohT2kSZGxLoCAcbVkb-hxS9NBDafWLkOZEoXRmLUdXu53XkEh8dMEuHSP7CGSyEtKeanBetmq-_J3jZR4KWCuF2Y0O9pZvejmjD0Ap0T-Wh7M8GJjE7dMYS9RzPQAr5OfAv9oUPHgbdFHDbUbHMk5gz2QBYp3oWyhKvi8zcVidZQ42hlSZYvjIuy68Jnd9lHwvsGYoAU6JOOg1XoTn9p_k46iZgYT0a_KK6yJbKZWukluGhyh2uffNC-Mqf6Ekf5AeIqdhhS_jGvsrblzc2pIl5952JG_zZqcpv53D9k5Lug9LRjv7L2f9RBJHlqjHjhF1G_sLKOzGXieK3GTDmhPsP8nQ4NX6y0z9U35arylHRVFbx3vCcPn7QseuR-t-Svxn_U9FUCIJXaR7QBavx7xmSWqFTpHCyVcFLcy9z-VZDYoGfozoP7D0KLGrgTEOYPySpq-xk0CEbRb6dz3ghUCfacmkEFVC-WdL6X2As6mGOvsAz5vEJzN-d3S2hUfxkYJB4Iw7sncjTejYPZKxAN0clMojkmXr0lPfMY_19-PCvHq6hj0oEGKCYLItlKSjouBfbfDfdg4zsu3W9RTvokb_LN8HZaOcspptAd_9X3SaRvi1H-Db-X_b07mMa61uHz9Bv4FN5Orgq0C7GqyhLSn-DDFTZ5BY4PI-FhY53cyDnutTJZ3iNkOQtH5PIBmn_qtdmiIF8MKliTk8p7S-Z4pJWkASLCvL6irGZzx1li-k80mDGjbSLaFP6olecdxIeFbX3smZwfbURdVYZFtb5bVmfJZWYjawlh7Gr3seNGjyBR3Org-gBUSxuR16IxJUhh584TvYAHK9Sv1PMeVzyV-6QYJexjNh5FB3fOR_pEiPF7wAL6UBWEgIeW7Y8XyYcoFdOl1sp6Az9tk4hY960YVQGgF-UFl2Qhk8-FWgSD9ax_Oh3tq9ABpog4PppzWqAsqJZ2e39BLLxSrya44KPmN6Vlqxx1r7ex3eaCERZA5XDFuRehdh5qPhJrbFTHedlokFjNxYm38zH1ovmvXwpVdX5UVmpbKXJzkRARPiHvTUrnFwDZID-VNqXVYDqbQF5HrW9xJo_cVSJS4vpJ0PmbkrBLVppOvuHHixFoL6GMzxKPzXScxSJV_LaGcL044q8eocWpj90UyKFw9yckzhIoLYVWt2-ATKYBfF0u8nQi17LGgBPYI8xLKMQFSjWjRXJ7q8fr3LxSFfmLEKt117Am3F3cD1u1JstbygUXLT_q0l7NLNglhNV9pPGhToPfCrOJmIcTGCkBzz3NrAYsCoTtQqFA7eDkct4eXKPwWqI4lVcJqPOicpARxeWHs-j76Y1GMDPPPWNwr6Ia_AtSzC1IoQMET0aacZtw_Qt6vwJ7YV56MASlKeTYzmeacF9Ii2wGuELYrjv35HiI9VZiniuVUHkx0OJXzMbZaM1jd8yngJX_lmQlDKWWRwzfD4DceMxiH3YNKBTtJD9Z2EzG8LuzAFYbD5-QpwzJT-LxwV_bC6A1BxYCECNjD-YTnQujliRWEiOQB2DajqPjvZeCC-WwUoewBa9tG9sKCjumTokHJIyeeISsM7R8o-6wMrKGGOP2SfE--rTiL4kVucbV_fFb1ZmfbJMGSSSoucVZQ8D3WjbNe0ARc8aFl_YwCA7J51wWL_8oUIHLc4X3acSJdWacgP6dvkzN3VnAfh7tj2Uw8B5Ka3jlyssOX3ljWinObbx-5Dkv0xEM-NBiRyAB6ZC5QkmmLASPQ5cH8Eh7zBPO2ivAEVD0-VPw5WCyab_T5OB_zlPjakdJhyNNuKe8N4QnVox2QWZaUhRgk&cid=CAQSSwDUE5ymLgDoO8FXRlFoJo_aMxLF8tmA_spPU8YWnAZkIaU5tH8JC5btDRD8BL8pFRkCl0EeleFuoLMLgBPrgFrsLXr3P-2_pJ_MFBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&ds=l&xdt=1&iif=1&cor=7798099716138502000&adk=1964084972&idt=985&cac=0&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 08 Feb 2023 20:36:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 20:36:07 GMT
seuy62slm.js
cdn.krxd.net/controltag/ Frame 5434 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/seuy62slm.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPV374MznStCYPVNaPBOowvEKwW6iQmNevzRHvva3Iojq7K7HXY225VaiOnfR8R4XXkUumQOjgJyX3vVfF5u0kHWWf7DwY7zsfBhuMaVxdWDtO7P7jQdqxLlNOHJFMrTcvDlX7_hxXskYeFUGQg1ONRXUDAhk-jAsymBP2KI9Cjvm2LEU&dbm_d=AKAmf-Bbq2Puz7REUoDkCh2I1gRPix7l_jhbUB8YVPA8Hp4LWSLcrUJ2vXwbU-oDF38nS33P7TzoKq0a2Ro87zOPVKOMsxBdMGyvaG9dznJ5OMSvoQL1ZUoCUCsJ51kkZoBRQyvKN_SU_SsNXhewHwf0GHw0r_s8_D35nTleXEv7tGze3Vo61eXNzcbhN2swt1K0oL05fPDCrF7OeFGqlSFIsK1ti2vnwtgiGQFeHHOf3XxSeqAXdP3roHhB9leFddygCy1h2M9ADDw78LldFO4STZNMbzWXCYAcoX-C1V_cvGfnz8PaKJhzUkSvqFgx1ba51N6TyRjRP_oXudewUn9dOxTidaFxAKhRrpvHOjiOorkpoTdOrHdU2tehhnoHhYhMbtQoSGF2kEZ2-ZCRX4bRgDEpOqr3NNWoxdkm3PgCDDQjudgq2Dm41ClFKTiiBPQHjZyJq3hzyFTsz4LTNSp5gKXTIRZefX54fY0ddNiM27dXhd9KhgxCdTyeo-oNwXgpdwMk2AqxIo2btvkma7c4STZ5mMpslxyIO7Lng6MZMeBnEFLGy_sweZqrbN9OrIB4Sy3HnGB9ccRyW3N_wIyY8-jlek_t1ZlP8rBqqV5Wxkz5AMWqFtjlG4Sh7yRzJ9yL33Lpv7ez_iyZCUaWBD5z-rM-70yyKQ2BMp1q2giY42MrdOF02tk-EqHj1z75CO0LayYn7CjYLszF08jFAYxLChGIbACERx0gVrNV-nd7IS8P5a8mQDF2X3X7Rchm1OQPOO3XHkScYhyf_UIbddwhhCOfx3Wpnf4Z5_Y6Wj4pERgQes0PTxcGOl9EI36ml24FEb55UDk7EXM9np3WeVvtCLCWIga6R5SU7ZzuvNKyCb82bDx4RN60jEhkR0cJOyFlY_yYwsOova4mQwCZN0Ol1yGlW6Rq8pDka7tW7rZHvn1FcGRb7iAbouAGE08Z7vXWjRxD0ovkCVF7653PvMSBZ7wtxxbKcIyCjjVv8OUtTo994tSWHSSIT1K81emAZIU64sNyS1QiWkCxweQ1-k-K4Ztcw5Lf4vtyo7s_MvDW-sSf4QD1AcxyuN3U-84eOqvomQLxqhpy3g2GWx2eN0yS50syIUcxdAHv6d6QTKLxDTIuAD1yvJwF28CALcVF0e2tVLuvyJXcH0C-PXEsstUeid4gJnOa8BlxPo_7kbWpXYUtroXpaUUkTS9Apa-RfP6RzjA9WeV6RTGadTeZEjTX3HBa3x9A0DwaTkWnF75Lx_JC0m4YmMS7_Yg0QdT4xHET7TBgC0SZr6BmfYEO_bgLNvRYrOJ2GETUyLXc5ttyJ2laP-xo4e9QoxO8WFc5N-c-HHrPl_H0zUf03FM2rMx0pOFmjLrBMDimrgmauPdvQ_EbzJ2fRQ2H1MqNIYo231Bsk8RSofUMpQ1B6SMZEHKLPaHEkSegREGhSZorCC9upkBl-kbaRpT5NTICDn5lxQytMlFIeIkzWOlRHT78YxVF4p_xkrT0BP0wJKdh7RR-pj-iEdpX0IwT0uTa14mGFAz911E1964O3O0XwHHyoYZT3-B8byF4Z4ksMgLEUCUL0p5y7PK1x3EuYirKYDy4PalbO0KErYHgs_xvYHdJ0XOWO75eBASxtPj3jFuM_RzMxlKlXkDrnEqSElYvH67qQCobgGKZyyMS2DhR3MrzCjohT2kSZGxLoCAcbVkb-hxS9NBDafWLkOZEoXRmLUdXu53XkEh8dMEuHSP7CGSyEtKeanBetmq-_J3jZR4KWCuF2Y0O9pZvejmjD0Ap0T-Wh7M8GJjE7dMYS9RzPQAr5OfAv9oUPHgbdFHDbUbHMk5gz2QBYp3oWyhKvi8zcVidZQ42hlSZYvjIuy68Jnd9lHwvsGYoAU6JOOg1XoTn9p_k46iZgYT0a_KK6yJbKZWukluGhyh2uffNC-Mqf6Ekf5AeIqdhhS_jGvsrblzc2pIl5952JG_zZqcpv53D9k5Lug9LRjv7L2f9RBJHlqjHjhF1G_sLKOzGXieK3GTDmhPsP8nQ4NX6y0z9U35arylHRVFbx3vCcPn7QseuR-t-Svxn_U9FUCIJXaR7QBavx7xmSWqFTpHCyVcFLcy9z-VZDYoGfozoP7D0KLGrgTEOYPySpq-xk0CEbRb6dz3ghUCfacmkEFVC-WdL6X2As6mGOvsAz5vEJzN-d3S2hUfxkYJB4Iw7sncjTejYPZKxAN0clMojkmXr0lPfMY_19-PCvHq6hj0oEGKCYLItlKSjouBfbfDfdg4zsu3W9RTvokb_LN8HZaOcspptAd_9X3SaRvi1H-Db-X_b07mMa61uHz9Bv4FN5Orgq0C7GqyhLSn-DDFTZ5BY4PI-FhY53cyDnutTJZ3iNkOQtH5PIBmn_qtdmiIF8MKliTk8p7S-Z4pJWkASLCvL6irGZzx1li-k80mDGjbSLaFP6olecdxIeFbX3smZwfbURdVYZFtb5bVmfJZWYjawlh7Gr3seNGjyBR3Org-gBUSxuR16IxJUhh584TvYAHK9Sv1PMeVzyV-6QYJexjNh5FB3fOR_pEiPF7wAL6UBWEgIeW7Y8XyYcoFdOl1sp6Az9tk4hY960YVQGgF-UFl2Qhk8-FWgSD9ax_Oh3tq9ABpog4PppzWqAsqJZ2e39BLLxSrya44KPmN6Vlqxx1r7ex3eaCERZA5XDFuRehdh5qPhJrbFTHedlokFjNxYm38zH1ovmvXwpVdX5UVmpbKXJzkRARPiHvTUrnFwDZID-VNqXVYDqbQF5HrW9xJo_cVSJS4vpJ0PmbkrBLVppOvuHHixFoL6GMzxKPzXScxSJV_LaGcL044q8eocWpj90UyKFw9yckzhIoLYVWt2-ATKYBfF0u8nQi17LGgBPYI8xLKMQFSjWjRXJ7q8fr3LxSFfmLEKt117Am3F3cD1u1JstbygUXLT_q0l7NLNglhNV9pPGhToPfCrOJmIcTGCkBzz3NrAYsCoTtQqFA7eDkct4eXKPwWqI4lVcJqPOicpARxeWHs-j76Y1GMDPPPWNwr6Ia_AtSzC1IoQMET0aacZtw_Qt6vwJ7YV56MASlKeTYzmeacF9Ii2wGuELYrjv35HiI9VZiniuVUHkx0OJXzMbZaM1jd8yngJX_lmQlDKWWRwzfD4DceMxiH3YNKBTtJD9Z2EzG8LuzAFYbD5-QpwzJT-LxwV_bC6A1BxYCECNjD-YTnQujliRWEiOQB2DajqPjvZeCC-WwUoewBa9tG9sKCjumTokHJIyeeISsM7R8o-6wMrKGGOP2SfE--rTiL4kVucbV_fFb1ZmfbJMGSSSoucVZQ8D3WjbNe0ARc8aFl_YwCA7J51wWL_8oUIHLc4X3acSJdWacgP6dvkzN3VnAfh7tj2Uw8B5Ka3jlyssOX3ljWinObbx-5Dkv0xEM-NBiRyAB6ZC5QkmmLASPQ5cH8Eh7zBPO2ivAEVD0-VPw5WCyab_T5OB_zlPjakdJhyNNuKe8N4QnVox2QWZaUhRgk&cid=CAQSSwDUE5ymLgDoO8FXRlFoJo_aMxLF8tmA_spPU8YWnAZkIaU5tH8JC5btDRD8BL8pFRkCl0EeleFuoLMLgBPrgFrsLXr3P-2_pJ_MFBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&ds=l&xdt=1&iif=1&cor=7798099716138502000&adk=1964084972&idt=985&cac=0&dtd=8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5898d11593913b009eb660a4fd5422a5f2219b29f87740fde97f8f48f8811a9e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Wed, 08 Feb 2023 20:36:07 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
998
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-length
3602
x-served-by
config-service-a006-ash-prod.krxd.net, cache-iad-kiad7000152-IAD, cache-fty21376-FTY
x-response-time
0
x-do-esi
esi
x-timer
S1675888568.864242,VS0,VE17
etag
"1f82cb7412768fef63d1423dab6402527ba6d0bd"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 23, 1
/
servedby.flashtalking.com/imp/7/182015;6503683;201;jsappend;ProgrammaticDV360;NLG301ALLLAYERSOMGPDV360DCOALLAUDIENCESRON970X250/ Frame 5434 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servedby.flashtalking.com/imp/7/182015;6503683;201;jsappend;ProgrammaticDV360;NLG301ALLLAYERSOMGPDV360DCOALLAUDIENCESRON970X250/?ft_custom=DCpid:335635204&ftOBA=1&ft_domain=businessdesk.co.nz&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&us_privacy=${US_PRIVACY}&cachebuster=792054.5981865958&DCpid=335635204&ft_keyword=DV360Pid:__19297457012__;DCpid:__335635204__&ft_section=DV360Pid:19297457012
Requested by
Host: 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
URL: https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.103.151.89 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-151-89.deploy.static.akamaitechnologies.com
Software
prod-xre-app9.tky11 /
Resource Hash
8f21242757edba351147b1293a68641e6826e8f385aee00a9f1ff0ed308f6bc0
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 20:36:08 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=86400
Server
prod-xre-app9.tky11
Vary
Accept-Encoding
Content-Type
text/javascript;charset=ISO-8859-1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
864
Expires
Wed, 08 Feb 2023 20:36:08 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5434 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstb9AIpc-UEAGzY11KEWnvRlDP7SNRp6NhO_0FawFDaNhSAvOznMzjkyINmBybPhv2VG9zCuvp07eekrESgIRDE9iaCcVVLuSSln6-hzeVYEXYH0l6jyx7BZGbky5Fhp5cjaRBMlulBHZEtMOa0ab31aDJJda_DplZaUL4zcNXT5rwMLIE304UMdR_wNgl7hb9DpfEDPsh4TTjUnrgUmfUwalnpiELRses0tWS1TF0rMepAvNa8I0M_vC73HM6Yh-E5r__F5Xde-4P7sJG-50Bzbi-XTOsMBUwX4lgFTzVC7ecUH_g3hDy_Rg5F2_JDMNIDeul6k2TCPuxKu9pikz4ED7xv6fwVviVM6Njjg1RKG4_tbvANAqwPgmIpZBIVbDG_vCrZd5CTIFWI8j7X6s5l4nBIxeQUuk_u-q4lIjP32aep-C1yX2HPd6xxw6r1HOQQ9GKCSJrDTer4LCG19OrSekszOs40TU3u0-5sSbWvolj-Dwm8VyPQ_pAtfhSv7Q-cI1bCBPOGWuvkqjWPBG_Bl39b9e9L56KSzmV1jkEq0e2eRI3iIcijv1vHdLt0Fm0mRzKQxoAyRzszzX5vNET-RvkkIoYzOrhW75tG3d6CEEFSTptAhljj56U_8NBZDPoFAUV7ZrusGDyviIBenBby4EMkPATbMlVwWgBy72KmS-dsEfq4rRBlnhFD_unlG1bf4UjosQNP_FfYlcn1zAKCGpcoR06U1VfFdFc7RwfBYmaTg-WMau1Nu4-h_Ib4TVLYwdPTDaXBcxE2XAynUSzjYtNxMNLhUf-L9U8igpYdFfkoBVCv4s2TYSy1bo_JUiwj-toFjdsjlKrOwwVsBbDapeAz3QMmADmIQHliibJUNQ66B4LhHf6fxgmZaNMLR2ZKJt7im0bTlKgOVkXYQxwUChVv5axjDHpjYJVC9bHJ0P7tLsD6gP2t60fcGSjBbP1hx5gBxnFucMNblprhmnEfklmz3ijGq786SeIg3COD3d7W8q_UKP1r8PXpNYDx_RsgzbB0X6we75MJY8QN-4Swjp_bgSGJui8660dk_gMQaqwxr4fHCQMkDkWTjiO84DJr_YI5oTU3szmDTJ1mEqy39jwqOnyHqpZKqzQjnk6XL9Tb7JJWW0Fg-T2BP6yUFl8__AYyunT_nRL8PUO5WwLeAgLlQUrajsN3hFWhvstEJ2JixCdyKQ1EV2T3AJ2ZyW1_HjlqqxkuZmtlDZv3CFP9eTYXAkA0hxsOoDi-PbfRDbrvWRO3CoE60KpJ7IiAIVhpWHXxFyfs&sai=AMfl-YQD7igFLbF17BCkIMmtP85058uSfrh1VjEv06w7h3kqkQ8lgpfqponlHSvZ3Whg0OPZFGBrGsnjinRzyqSUyLjURgCIHW4lmbsWK5qN_bNjL8bAzZRLPrNOqveGnjbUw62V_btpzHEswFcWwMgn2_TRaDcMqn_38UMJw09Lxd2sW-_Hno5WHuRp101Ie43KGsTDHrCrRM063NrDBSrX_Ef56pxG9aN_zI_u8aXNzNavDNxjrzmrPWUz9IHE7fakmX8wyRZVgbbn3cGoAZ_rxSTW_0RsKfD0wCmfnNaV2hT9i4HzgJDY2o0lVA&sig=Cg0ArKJSzErWDknpLUoEEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=6&vt=11&dtpt=5&dett=2&cstd=0&cisv=r20230206.49035&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CPV374MznStCYPVNaPBOowvEKwW6iQmNevzRHvva3Iojq7K7HXY225VaiOnfR8R4XXkUumQOjgJyX3vVfF5u0kHWWf7DwY7zsfBhuMaVxdWDtO7P7jQdqxLlNOHJFMrTcvDlX7_hxXskYeFUGQg1ONRXUDAhk-jAsymBP2KI9Cjvm2LEU&dbm_d=AKAmf-Bbq2Puz7REUoDkCh2I1gRPix7l_jhbUB8YVPA8Hp4LWSLcrUJ2vXwbU-oDF38nS33P7TzoKq0a2Ro87zOPVKOMsxBdMGyvaG9dznJ5OMSvoQL1ZUoCUCsJ51kkZoBRQyvKN_SU_SsNXhewHwf0GHw0r_s8_D35nTleXEv7tGze3Vo61eXNzcbhN2swt1K0oL05fPDCrF7OeFGqlSFIsK1ti2vnwtgiGQFeHHOf3XxSeqAXdP3roHhB9leFddygCy1h2M9ADDw78LldFO4STZNMbzWXCYAcoX-C1V_cvGfnz8PaKJhzUkSvqFgx1ba51N6TyRjRP_oXudewUn9dOxTidaFxAKhRrpvHOjiOorkpoTdOrHdU2tehhnoHhYhMbtQoSGF2kEZ2-ZCRX4bRgDEpOqr3NNWoxdkm3PgCDDQjudgq2Dm41ClFKTiiBPQHjZyJq3hzyFTsz4LTNSp5gKXTIRZefX54fY0ddNiM27dXhd9KhgxCdTyeo-oNwXgpdwMk2AqxIo2btvkma7c4STZ5mMpslxyIO7Lng6MZMeBnEFLGy_sweZqrbN9OrIB4Sy3HnGB9ccRyW3N_wIyY8-jlek_t1ZlP8rBqqV5Wxkz5AMWqFtjlG4Sh7yRzJ9yL33Lpv7ez_iyZCUaWBD5z-rM-70yyKQ2BMp1q2giY42MrdOF02tk-EqHj1z75CO0LayYn7CjYLszF08jFAYxLChGIbACERx0gVrNV-nd7IS8P5a8mQDF2X3X7Rchm1OQPOO3XHkScYhyf_UIbddwhhCOfx3Wpnf4Z5_Y6Wj4pERgQes0PTxcGOl9EI36ml24FEb55UDk7EXM9np3WeVvtCLCWIga6R5SU7ZzuvNKyCb82bDx4RN60jEhkR0cJOyFlY_yYwsOova4mQwCZN0Ol1yGlW6Rq8pDka7tW7rZHvn1FcGRb7iAbouAGE08Z7vXWjRxD0ovkCVF7653PvMSBZ7wtxxbKcIyCjjVv8OUtTo994tSWHSSIT1K81emAZIU64sNyS1QiWkCxweQ1-k-K4Ztcw5Lf4vtyo7s_MvDW-sSf4QD1AcxyuN3U-84eOqvomQLxqhpy3g2GWx2eN0yS50syIUcxdAHv6d6QTKLxDTIuAD1yvJwF28CALcVF0e2tVLuvyJXcH0C-PXEsstUeid4gJnOa8BlxPo_7kbWpXYUtroXpaUUkTS9Apa-RfP6RzjA9WeV6RTGadTeZEjTX3HBa3x9A0DwaTkWnF75Lx_JC0m4YmMS7_Yg0QdT4xHET7TBgC0SZr6BmfYEO_bgLNvRYrOJ2GETUyLXc5ttyJ2laP-xo4e9QoxO8WFc5N-c-HHrPl_H0zUf03FM2rMx0pOFmjLrBMDimrgmauPdvQ_EbzJ2fRQ2H1MqNIYo231Bsk8RSofUMpQ1B6SMZEHKLPaHEkSegREGhSZorCC9upkBl-kbaRpT5NTICDn5lxQytMlFIeIkzWOlRHT78YxVF4p_xkrT0BP0wJKdh7RR-pj-iEdpX0IwT0uTa14mGFAz911E1964O3O0XwHHyoYZT3-B8byF4Z4ksMgLEUCUL0p5y7PK1x3EuYirKYDy4PalbO0KErYHgs_xvYHdJ0XOWO75eBASxtPj3jFuM_RzMxlKlXkDrnEqSElYvH67qQCobgGKZyyMS2DhR3MrzCjohT2kSZGxLoCAcbVkb-hxS9NBDafWLkOZEoXRmLUdXu53XkEh8dMEuHSP7CGSyEtKeanBetmq-_J3jZR4KWCuF2Y0O9pZvejmjD0Ap0T-Wh7M8GJjE7dMYS9RzPQAr5OfAv9oUPHgbdFHDbUbHMk5gz2QBYp3oWyhKvi8zcVidZQ42hlSZYvjIuy68Jnd9lHwvsGYoAU6JOOg1XoTn9p_k46iZgYT0a_KK6yJbKZWukluGhyh2uffNC-Mqf6Ekf5AeIqdhhS_jGvsrblzc2pIl5952JG_zZqcpv53D9k5Lug9LRjv7L2f9RBJHlqjHjhF1G_sLKOzGXieK3GTDmhPsP8nQ4NX6y0z9U35arylHRVFbx3vCcPn7QseuR-t-Svxn_U9FUCIJXaR7QBavx7xmSWqFTpHCyVcFLcy9z-VZDYoGfozoP7D0KLGrgTEOYPySpq-xk0CEbRb6dz3ghUCfacmkEFVC-WdL6X2As6mGOvsAz5vEJzN-d3S2hUfxkYJB4Iw7sncjTejYPZKxAN0clMojkmXr0lPfMY_19-PCvHq6hj0oEGKCYLItlKSjouBfbfDfdg4zsu3W9RTvokb_LN8HZaOcspptAd_9X3SaRvi1H-Db-X_b07mMa61uHz9Bv4FN5Orgq0C7GqyhLSn-DDFTZ5BY4PI-FhY53cyDnutTJZ3iNkOQtH5PIBmn_qtdmiIF8MKliTk8p7S-Z4pJWkASLCvL6irGZzx1li-k80mDGjbSLaFP6olecdxIeFbX3smZwfbURdVYZFtb5bVmfJZWYjawlh7Gr3seNGjyBR3Org-gBUSxuR16IxJUhh584TvYAHK9Sv1PMeVzyV-6QYJexjNh5FB3fOR_pEiPF7wAL6UBWEgIeW7Y8XyYcoFdOl1sp6Az9tk4hY960YVQGgF-UFl2Qhk8-FWgSD9ax_Oh3tq9ABpog4PppzWqAsqJZ2e39BLLxSrya44KPmN6Vlqxx1r7ex3eaCERZA5XDFuRehdh5qPhJrbFTHedlokFjNxYm38zH1ovmvXwpVdX5UVmpbKXJzkRARPiHvTUrnFwDZID-VNqXVYDqbQF5HrW9xJo_cVSJS4vpJ0PmbkrBLVppOvuHHixFoL6GMzxKPzXScxSJV_LaGcL044q8eocWpj90UyKFw9yckzhIoLYVWt2-ATKYBfF0u8nQi17LGgBPYI8xLKMQFSjWjRXJ7q8fr3LxSFfmLEKt117Am3F3cD1u1JstbygUXLT_q0l7NLNglhNV9pPGhToPfCrOJmIcTGCkBzz3NrAYsCoTtQqFA7eDkct4eXKPwWqI4lVcJqPOicpARxeWHs-j76Y1GMDPPPWNwr6Ia_AtSzC1IoQMET0aacZtw_Qt6vwJ7YV56MASlKeTYzmeacF9Ii2wGuELYrjv35HiI9VZiniuVUHkx0OJXzMbZaM1jd8yngJX_lmQlDKWWRwzfD4DceMxiH3YNKBTtJD9Z2EzG8LuzAFYbD5-QpwzJT-LxwV_bC6A1BxYCECNjD-YTnQujliRWEiOQB2DajqPjvZeCC-WwUoewBa9tG9sKCjumTokHJIyeeISsM7R8o-6wMrKGGOP2SfE--rTiL4kVucbV_fFb1ZmfbJMGSSSoucVZQ8D3WjbNe0ARc8aFl_YwCA7J51wWL_8oUIHLc4X3acSJdWacgP6dvkzN3VnAfh7tj2Uw8B5Ka3jlyssOX3ljWinObbx-5Dkv0xEM-NBiRyAB6ZC5QkmmLASPQ5cH8Eh7zBPO2ivAEVD0-VPw5WCyab_T5OB_zlPjakdJhyNNuKe8N4QnVox2QWZaUhRgk&cid=CAQSSwDUE5ymLgDoO8FXRlFoJo_aMxLF8tmA_spPU8YWnAZkIaU5tH8JC5btDRD8BL8pFRkCl0EeleFuoLMLgBPrgFrsLXr3P-2_pJ_MFBgB&dv3_ver=m202301230201&rfl=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&ds=l&xdt=1&iif=1&cor=7798099716138502000&adk=1964084972&idt=985&cac=0&dtd=8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:07 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 08 Feb 2023 20:36:07 GMT
m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1675888567059&ci=nz-apn&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&sr=1600x1200&id=lst...
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1675888567059&ci=nz-apn&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&sr=1600x1200&id=lst...
44 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1675888567059&ci=nz-apn&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&sr=1600x1200&id=lstrg-ec360a3849b3026b3cdbb41ddd3aeace&ja=1
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Server
13.35.8.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-8-118.sin5.r.cloudfront.net
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:08 GMT
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
4fc1Rh9dzOa86HMtYDD7jK5XBvgfDqQDz289XM13u6mWxSB-Dk47Fg==
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

date
Wed, 08 Feb 2023 20:36:07 GMT
via
1.1 c38127ef40e972ba03fa4e269bbdb780.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN5-C1
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
0
pragma
no-cache
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
location
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1675888567059&ci=nz-apn&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&sr=1600x1200&id=lstrg-ec360a3849b3026b3cdbb41ddd3aeace&ja=1
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
pJESQZ8BXdCuGJrWp29aK6wJ_zC75mMuV3NmQo6JcCoJ_f6oanhLeA==
expires
Thu, 01 Dec 1994 16:00:00 GMT
truncated
/ Frame 5434 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
713cab74266c9e09db6fc5c6cf38ffdcd4f2af3e7fa5901b13b0ccf03b284706

Request headers

accept-language
en-NZ,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type
image/png
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		195 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P3CFAE46C-B826-4E51-A835-3955F0A55ABC.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-18.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id
Tw1ZrV6S6M8HrQmSnEoR4BpykB7j_69v
content-encoding
gzip
via
1.1 f06aaad108598501fc8aab5df5423ad8.cloudfront.net (CloudFront)
date
Wed, 08 Feb 2023 20:18:19 GMT
x-amz-cf-pop
SIN52-C3
age
1072
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 28 Sep 2022 14:09:01 GMT
server
AmazonS3
etag
W/"81a9e2a298d0019660cb2966f0c24748"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
fzlhK1B-8w8D6Nw1fjLG7thp5U5zC2dAlupl6PwJuPagEjvhqXtQFA==
controltag.js.d58f47095e6041e576ee04944cca45da
cdn.krxd.net/ctjs/ Frame 5434 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/seuy62slm.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Wed, 08 Feb 2023 20:36:08 GMT
content-encoding
gzip
via
1.1 varnish
x-cache-hits
524373
age
10995172
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
84766
x-served-by
cache-fty21376-FTY
last-modified
Tue, 04 Oct 2022 09:41:11 GMT
x-timer
S1675888568.204018,VS0,VE0
etag
"d58f47095e6041e576ee04944cca45da"
content-type
application/javascript
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Fri, 01 Oct 2032 09:41:10 GMT
j-6503683-3854629.js
cdn.flashtalking.com/xre/650/6503683/3854629/js/ Frame 5434 		85 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/xre/650/6503683/3854629/js/j-6503683-3854629.js
Requested by
Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/7/182015;6503683;201;jsappend;ProgrammaticDV360;NLG301ALLLAYERSOMGPDV360DCOALLAUDIENCESRON970X250/?ft_custom=DCpid:335635204&ftOBA=1&ft_domain=businessdesk.co.nz&ft_ifb=1&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&us_privacy=${US_PRIVACY}&cachebuster=792054.5981865958&DCpid=335635204&ft_keyword=DV360Pid:__19297457012__;DCpid:__335635204__&ft_section=DV360Pid:19297457012
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
ad17cc06c1d9df406a1b5c352ebe39ffe09f04c40b5aec8f1fded8139cd5a482

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:09 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Oct 2022 23:33:07 GMT
Server
Flashtalking (AKA)
ETag
W/"ba1240c89a8d2c74408f897d086b58a8"
X-FT-Origin
us
Vary
Accept-Encoding
X-Varnish
478299667
Content-Type
text/javascript; charset=utf-8
Cache-Control
max-age=1200
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
21513
Expires
Wed, 08 Feb 2023 20:56:09 GMT
1283514455463749
connect.facebook.net/signals/config/ 		377 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1283514455463749?v=2.9.95&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.13.19 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-sin6.fbcdn.net
Software
/
Resource Hash
d61d13a7422dc5d91c9499ca64f85f04e50ebed68d57047aade7fc950b6fb9a3
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 08 Feb 2023 20:36:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
x2gmmse/0hAkqI4/HWW7vx9ozFUo4C+a6tpm3hDt78P2wdvjaxYDbL5/RWTAOQRHigIZt34UQ4KRScV8rR1xDg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=511504383055799&ev=PageView&dl=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&rl=&if=false&ts=1675888568359&sw=1600&sh=1200&v=2.9.95&r=stable&ec=0&o=30&cs_est=true&fbp=fb.2.1675888568358.2011117675&it=1675888566515&coo=false&rqm=GET
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 08 Feb 2023 20:36:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 5434 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-7aW63upkA_oWSqK5MrmmhslcNz7auGdqWzs8KxxRXOPVDntR-4owyI2BeW_2ynRWm1fBSYD-chS1PU1WE9dsSxs15HyHT7-pDQZmevC3pSxEmZMFtM_TciEhqIyBq62jGtE&sai=AMfl-YQf7pcF1gkqLKtog9bjinSmk4j9W3kRkZrPUDVF7tWwjaD4sKx4xcMVEs-tKMifAv1oz2r6NIYZrtD-ZRlzILIELeqmkaZzw9v3mGSq3hf5TsboWgv3kaNACtjAyh70mO663EfF_o3gCN0j&sig=Cg0ArKJSzKruhjwYM1xtEAE&cid=CAQSSwDUE5ymLgDoO8FXRlFoJo_aMxLF8tmA_spPU8YWnAZkIaU5tH8JC5btDRD8BL8pFRkCl0EeleFuoLMLgBPrgFrsLXr3P-2_pJ_MFBgB&id=lidar2&mcvt=1016&p=173,315,423,1285&mtos=1016,1016,1016,1016,1016&tos=1016,0,0,0,0&v=20230206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=830274696&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1675888565369&rpt=1972&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 56B8 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-18.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://businessdesk.co.nz/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

age
86
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Wed, 08 Feb 2023 20:34:43 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 28 Sep 2022 14:09:00 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f06aaad108598501fc8aab5df5423ad8.cloudfront.net (CloudFront)
x-amz-cf-id
4oYzRo19NNLdY2VeRUaLkMqwUQ-fS02prtPAYm6Ol57mNmYbrBNgHw==
x-amz-cf-pop
SIN52-C3
x-amz-server-side-encryption
AES256
x-amz-version-id
kefD87rpNa3sUBHNjAEOkjjRzic54A4V
x-cache
Hit from cloudfront
ad_impression.gif
beacon.krxd.net/ Frame 5434 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/ad_impression.gif?campaignid=25102651&advertiserid=8710623&placementid=335635204&adid=527374290&creativeid=170722412&siteid=4851783&kxbrand=NL&url=https%3A%2F%2Fbeacon.krxd.net%2Fad_impression.gif&_kpid=5d37158c-f86b-476b-8626-916eb78d7c14&confid=seuy62slm
Requested by
Host: 4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
URL: https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.196.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-196-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by
beacon-n008-pdx-prod.krxd.net
date
Wed, 08 Feb 2023 20:36:09 GMT
cache-control
private, no-cache, no-store
x-request-time
D=39 t=1675888569
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 56B8 		44 B
597 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P3CFAE46C-B826-4E51-A835-3955F0A55ABC&sessionId=4qnitimppku2hvkonpxjl71vk8ldi1675888568&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.0.242.200 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-242-200.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:09 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
4qnitimppku2hvkonpxjl71vk8ldi1675888568.nuid.imrworldwide.com/ Frame 56B8 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://4qnitimppku2hvkonpxjl71vk8ldi1675888568.nuid.imrworldwide.com/
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-79.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 04:51:05 GMT
via
1.1 9c77410e22dc74e7bd4296ee24a7bbce.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
SIN2-C1
age
56705
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
uxXfbd3wXT6wDzOve_jBLrTd6V6c1qUUgMYiCJPubqzcyc4480RZnA==
5d37158c-f86b-476b-8626-916eb78d7c14
consumer.krxd.net/consent/get/ Frame 5434 		242 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/5d37158c-f86b-476b-8626-916eb78d7c14?idt=device&dt=kxcookie&callback=Krux.ns.thewarehouse.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
21506aa635a6008f6df622b96ede0c7749dbcda6473f084cb6104c55e482ec1a

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by
consumer-a011-ash-prod.krxd.net, cache-fty21349-FTY
date
Wed, 08 Feb 2023 20:36:09 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-timer
S1675888570.703076,VS0,VE17
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
content-length
196
x-cache-hits
0, 0
optout_check
beacon.krxd.net/ Frame 5434 		66 B
225 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.thewarehouse.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.196.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-196-159.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
b0c92f082bb7ee75d44c24d26061f9129d26b0a74adfe61eae310fc1fa133a26

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-served-by
beacon-n010-pdx-prod.krxd.net
date
Wed, 08 Feb 2023 20:36:09 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=32 t=1675888569
content-type
text/javascript
index.html
cdn.flashtalking.com/160230/3854629/ Frame F2AE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/160230/3854629/index.html
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/650/6503683/3854629/js/j-6503683-3854629.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
3d3bb0f386bdbf711aefbe327333a7b0c16cdea5fd8e92c9d04e34082be4ac18

Request headers

Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age
3000
Cache-Control
max-age=1200
Connection
keep-alive
Content-Encoding
gzip
Content-Length
538
Content-Type
text/html
Date
Wed, 08 Feb 2023 20:36:10 GMT
ETag
W/"26a140cb900a5cf1d9c454c81ab2f650"
Expires
Wed, 08 Feb 2023 20:56:10 GMT
Last-Modified
Mon, 23 May 2022 04:47:27 GMT
Server
Flashtalking (AKA)
Vary
Accept-Encoding
X-FT-Origin
us
X-Varnish
421494129
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1283514455463749&ev=PageView&dl=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&rl=&if=false&ts=1675888569871&sw=1600&sh=1200&v=2.9.95&r=stable&a=tmgoogletagmanager&ec=0&o=30&cs_est=true&fbp=fb.2.1675888568358.2011117675&it=1675888566515&coo=false&rqm=GET
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 08 Feb 2023 20:36:10 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ Frame 4C39 		0
51 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://businessdesk.co.nz
Referer
https://businessdesk.co.nz/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://businessdesk.co.nz
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 20:36:10 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
style.css
cdn.flashtalking.com/160230/3854629/css/ Frame F2AE 		5 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/160230/3854629/css/style.css
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/160230/3854629/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
cdd37f9a07440ef5f15c27d70c162dc06e7790d2da1dfdbb6fd9d595b32db277

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:10 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
5521
Last-Modified
Mon, 23 May 2022 04:47:27 GMT
Server
Flashtalking (AKA)
ETag
W/"f6e53c78abb67704450d2f2a8e27fe64"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/css
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
X-Varnish
476742530
Accept-Ranges
bytes
Expires
Wed, 08 Feb 2023 20:56:10 GMT
logo_vertical.svg
cdn.flashtalking.com/160230/3854629/img/ Frame F2AE 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/160230/3854629/img/logo_vertical.svg
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/160230/3854629/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
d15b241c28372f234a6f874dd16eb56284a2148dba69d7741b1d4a8f152a696e

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:10 GMT
Content-Encoding
gzip
X-FT-Origin
us
Connection
keep-alive
Content-Length
1263
Last-Modified
Mon, 23 May 2022 04:47:27 GMT
Server
Flashtalking (AKA)
ETag
W/"6aaafe2ca06f53e1f34c142757fd627b"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary
Accept-Encoding
Cache-Control
max-age=1200
X-Varnish
475732114
Accept-Ranges
bytes
Expires
Wed, 08 Feb 2023 20:56:10 GMT
gsap.min.js
cdn.flashtalking.com/frameworks/js/gsap/3.2.4/ Frame F2AE 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/gsap/3.2.4/gsap.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/160230/3854629/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
17214c8529a8c33e15d857141c56353bd26b03095b0cf0c5ed7d98b8c3d84e80

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 11 Mar 2020 14:37:32 GMT
Server
Flashtalking (AKA)
ETag
W/"4b010e6752e3f68cbff6ca10bb38b792"
x-amz-meta-origin-date-iso8601
2020-03-11T14:33:03.293Z
X-FT-Origin
us
Vary
Accept-Encoding
X-Varnish
469084532
Content-Type
application/x-javascript
Cache-Control
max-age=13171
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23155
Expires
Thu, 09 Feb 2023 00:15:41 GMT
webfontloader.js
cdn.flashtalking.com/frameworks/js/ajax/libs/webfont/1.6.28/ Frame F2AE 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/160230/3854629/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Jan 2020 08:10:38 GMT
Server
Flashtalking (AKA)
ETag
W/"7e2893ef542a12a5c7207d438bfa87d8"
x-amz-meta-origin-date-iso8601
2020-01-22T08:09:15.388Z
X-FT-Origin
us
Vary
Accept-Encoding
X-Varnish
406385932 400619344
Content-Type
application/x-javascript
Cache-Control
max-age=10828
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5013
Expires
Wed, 08 Feb 2023 23:36:38 GMT
html5API.js
cdn.flashtalking.com/frameworks/js/api/2/10/ Frame F2AE 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/160230/3854629/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 15 Aug 2022 14:14:24 GMT
Server
Flashtalking (AKA)
ETag
W/"232f021c7925a065046f63511f376193"
X-FT-Origin
us
Vary
Accept-Encoding
X-Varnish
98384580 95829753
Content-Type
application/javascript
Cache-Control
max-age=10828
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28679
Expires
Wed, 08 Feb 2023 23:36:38 GMT
FTFeed.min.js
cdn.flashtalking.com/feeds/frameworks/js/api/20/ Frame F2AE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/feeds/frameworks/js/api/20/FTFeed.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/160230/3854629/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
b29a8f5cd6937592b2aad723385204b0633d519300ef632cf8361d1b47e72553

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:10 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Nov 2017 15:57:44 GMT
Server
Flashtalking (AKA)
ETag
W/"5a61df4ec54451376992c20f8c760126"
X-FT-Origin
us
Vary
Accept-Encoding
X-Varnish
465200629
Content-Type
text/javascript
Cache-Control
max-age=788
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1651
Expires
Wed, 08 Feb 2023 20:49:18 GMT
Tracker.js
cdn.flashtalking.com/feeds/frameworks/js/utils/ Frame F2AE 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/feeds/frameworks/js/utils/Tracker.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/160230/3854629/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
4c177e4e7d46fc0cd191cfd21e1d4fb24229e5c03e491cec02b6a4cd1c459ded

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 Oct 2017 20:49:54 GMT
Server
Flashtalking (AKA)
ETag
W/"dd0371837f9bb02ffb72b212c849f4d8"
X-FT-Origin
us
Vary
Accept-Encoding
X-Varnish
465611083 465643289
Content-Type
text/javascript
Cache-Control
max-age=709
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1816
Expires
Wed, 08 Feb 2023 20:47:59 GMT
vanilla-js-carousel.min.js
cdn.flashtalking.com/160230/3854629/js/ Frame F2AE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/160230/3854629/js/vanilla-js-carousel.min.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/160230/3854629/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
40cfaa27e01d2d69d767c0a536268304a535e9d144029578068b824981070ff8

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:11 GMT
Content-Encoding
gzip
X-FT-Origin
us
Connection
keep-alive
Content-Length
1084
Last-Modified
Mon, 23 May 2022 04:47:27 GMT
Server
Flashtalking (AKA)
ETag
W/"88ced889168901ac42a280f5a15c7ea4"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary
Accept-Encoding
Cache-Control
max-age=1200
X-Varnish
474870160
Accept-Ranges
bytes
Expires
Wed, 08 Feb 2023 20:56:11 GMT
shave.js
cdn.flashtalking.com/160230/3854629/js/ Frame F2AE 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/160230/3854629/js/shave.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/160230/3854629/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
ad6bc1f2d516ba29bd9bc579961987b191c59d60b45caca00ee694ac37b66f96

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:11 GMT
Content-Encoding
gzip
X-FT-Origin
us
Connection
keep-alive
Content-Length
1372
Last-Modified
Mon, 23 May 2022 04:47:27 GMT
Server
Flashtalking (AKA)
ETag
W/"e4a7567ee48333034d968bd7f30e6175"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary
Accept-Encoding
Cache-Control
max-age=1200
X-Varnish
478616478
Accept-Ranges
bytes
Expires
Wed, 08 Feb 2023 20:56:11 GMT
main.js
cdn.flashtalking.com/160230/3854629/js/ Frame F2AE 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/160230/3854629/js/main.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/160230/3854629/index.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
912cacf069c21c78cb7c53a315163264031a8376e9ec46c0a92abd0b6674ccc6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:11 GMT
Content-Encoding
gzip
X-FT-Origin
us
Connection
keep-alive
Content-Length
5526
Last-Modified
Mon, 23 May 2022 04:47:27 GMT
Server
Flashtalking (AKA)
ETag
W/"704a62b53e54aad2019e2b15c1304098"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary
Accept-Encoding
Cache-Control
max-age=1200
X-Varnish
477664343
Accept-Ranges
bytes
Expires
Wed, 08 Feb 2023 20:56:11 GMT
/
www.facebook.com/tr/ Frame 2B4C 		0
18 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.13.35 , Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-sin6.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://businessdesk.co.nz
Referer
https://businessdesk.co.nz/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://businessdesk.co.nz
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 20:36:10 GMT
priority
u=0
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
gn
secure-dcr.imrworldwide.com/cgi-bin/ 		44 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=nz-910563&ch=nz-910563_c41_Business%20Desk%20-%20Other_S&asn=Business%20Desk%20-%20Other&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=4qnitimppku2hvkonpxjl71vk8ldi1675888568&prv=1&c6=vc,c41&ca=NA&c13=asid,P3CFAE46C-B826-4E51-A835-3955F0A55ABC&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,xr9l8jaxb8at1jczymssmru8rkli71675888568&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16758885683928727&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=%2Flogin&c3=st,c&c64=starttm,1675888569&adid=%2Flogin&c58=isLive,false&c59=sesid,&c61=createtm,1675888569&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&c66=mediaurl,&sdd=&c62=sendTime,1675888569&rnd=51894
Requested by
Host: businessdesk.co.nz
URL: https://businessdesk.co.nz/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.0.242.200 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-0-242-200.ap-southeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:10 GMT
server
nginx
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
manifest.js
cdn.flashtalking.com/160230/3854629/ Frame F2AE 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/160230/3854629/manifest.js
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
7272ad39825d1a92d75385a9a2affec466cd24f404b6deea7f95a5bbb79d0421

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:11 GMT
Content-Encoding
gzip
X-FT-Origin
us
Connection
keep-alive
Content-Length
438
Last-Modified
Mon, 23 May 2022 04:47:27 GMT
Server
Flashtalking (AKA)
ETag
W/"8c670e24d6407909c5ce2263cf5dc043"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary
Accept-Encoding
Cache-Control
max-age=1200
X-Varnish
420275287
Accept-Ranges
bytes
Expires
Wed, 08 Feb 2023 20:56:11 GMT
StagSans-Medium.woff
cdn.flashtalking.com/fonts/thewarehousegroup/ Frame F2AE 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/fonts/thewarehousegroup/StagSans-Medium.woff
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/160230/3854629/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
486ce775ab3316f37828f36e963aa8ac43e7081a2e463dbc56325faad63abd36

Request headers

Referer
https://cdn.flashtalking.com/160230/3854629/css/style.css
Origin
https://cdn.flashtalking.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:11 GMT
x-amz-meta-origin-date-iso8601
2022-03-31T10:39:56.830Z
X-FT-Origin
us
Connection
keep-alive
Content-Length
47708
Last-Modified
Thu, 31 Mar 2022 10:40:42 GMT
Server
Flashtalking (AKA)
ETag
W/"842588918e1084010ce34735e01e4133"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
X-Varnish
383370208 382060512
Access-Control-Allow-Origin
*
Content-Type
application/octet-stream
Cache-Control
max-age=40254
Access-Control-Allow-Credentials
true
Access-Control-Expose-Headers
Content-Range
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Expires
Thu, 09 Feb 2023 07:47:05 GMT
mv27643138.json
cdn.flashtalking.com/160230/ Frame F2AE 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/160230/mv27643138.json?cb=901218517
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
4e932b4966bd6f55c56f5cf0aa6f434364fd9b21c7430c01471ecb63836b7b14

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:12 GMT
Content-Encoding
gzip
x-amz-meta-creative-id
3854629
x-amz-meta-creative-library-id
160230
X-FT-Origin
us
Connection
keep-alive
Content-Length
434
Last-Modified
Tue, 29 Nov 2022 03:45:58 GMT
Server
Flashtalking (AKA)
ETag
W/"21e856a35d6441cc7d09defceb2d29fe"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/json
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Vary
Accept-Encoding
Cache-Control
max-age=1200
X-Varnish
421178886
x-amz-meta-ad-type
HTML_onpage
x-amz-meta-version-id
27643138
Accept-Ranges
bytes
Expires
Wed, 08 Feb 2023 20:56:12 GMT
status
accounts.google.com/gsi/ 		40 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/status?client_id=263002134568-g737gmd50lftc3h9p9hovqp1tjvcvqc1.apps.googleusercontent.com&as=JLGXZW1dxPx9z1cbJdVJOQ
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/gsi/client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f84.1e100.net
Software
ESF /
Resource Hash
2f4594682b70a77cd331769488cd8f4116d155f5ec00697f8fc188cbe75647e9
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-FVqXLZ1AKG8vzS8pjxaFOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:12 GMT
content-security-policy
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-FVqXLZ1AKG8vzS8pjxaFOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options
nosniff
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://businessdesk.co.nz
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
21dc833ad72da429b12c05f6f64ef8e56a979166db6b97265f9b451bee2762fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12405
x-xss-protection
0
a
www.googletagmanager.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=OPT-M7TKLF7&cv=71&t=ol&s=h1&h=1169&p=opta&o=4000&l=1665&q=20&f=2245&e=129&i=13&d=-1063&c=-26&hc=0&sr=0.050000&ps=0.01539607335531823&cb=1926877280
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
rum
businessdesk.co.nz/cdn-cgi/ 		0
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://businessdesk.co.nz/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/vaafb692b2aea4879b33c060e79fe94621666317369993
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.12.105 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://businessdesk.co.nz/login
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
content-type
application/json

Response headers

date
Wed, 08 Feb 2023 20:36:12 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://businessdesk.co.nz
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
796727f7e90e1c5d-AKL
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1925303621&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&ul=en-us&de=UTF-8&dt=BusinessDesk%20%7C%20NZ%20breaking%20news%20and%20commentary%20on%20business%2C%20NZX%20and%20politics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=10&el=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=735292755.1675888564&uid=undefined&tid=UA-109240259-1&_gid=444111774.1675888566&gtm=45He3260n81WGJCJ63&cd1=undefined&cd2=undefined&z=1850129867
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 10:00:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38136
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1925303621&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&ul=en-us&de=UTF-8&dt=BusinessDesk%20%7C%20NZ%20breaking%20news%20and%20commentary%20on%20business%2C%20NZX%20and%20politics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=25&el=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=735292755.1675888564&uid=undefined&tid=UA-109240259-1&_gid=444111774.1675888566&gtm=45He3260n81WGJCJ63&cd1=undefined&cd2=undefined&z=945072349
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 10:00:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38136
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j99&a=1925303621&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&ul=en-us&de=UTF-8&dt=BusinessDesk%20%7C%20NZ%20breaking%20news%20and%20commentary%20on%20business%2C%20NZX%20and%20politics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=50&el=https%3A%2F%2Fbusinessdesk.co.nz%2Flogin&_u=aADAAEABAAAAACAAI~&jid=&gjid=&cid=735292755.1675888564&uid=undefined&tid=UA-109240259-1&_gid=444111774.1675888566&gtm=45He3260n81WGJCJ63&cd1=undefined&cd2=undefined&z=1566167949
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 10:00:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38136
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
fm.flashtalking.com/feed/1613/trending/hotproducts/ Frame F2AE 		11 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fm.flashtalking.com/feed/1613/trending/hotproducts/?backfill=true&ftCreds=1&numItems=9&
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.158.26 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
96a9cbf864f6ac1661ab03d143b7aec26a188c68199c4b5ba97f9717887c78d6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin
https://cdn.flashtalking.com
date
Wed, 08 Feb 2023 20:36:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
vary
Accept-Encoding
content-type
application/json
970x250-arrow-1217.png
cdn.flashtalking.com/160230/instantAssets/ Frame F2AE 		272 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/160230/instantAssets/970x250-arrow-1217.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
8d4597710b8010351ea857267c03a480e7cab92109ff4b5613f615544f75aab5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:12 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
272
Last-Modified
Fri, 03 Jun 2022 05:39:20 GMT
Server
Flashtalking (AKA)
ETag
W/"616db6a0a28c1e93008d1b0d4a015a40"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
X-Varnish
411353046
Accept-Ranges
bytes
Expires
Wed, 08 Feb 2023 20:56:12 GMT
blank.png
cdn.flashtalking.com/160230/instantAssets/ Frame F2AE 		930 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/160230/instantAssets/blank.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
dfe3684f76014c97babef7ad2d774ec8c7d5860d3b4780ce221c56c02f89cd0b

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:12 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
930
Last-Modified
Tue, 29 Nov 2022 03:47:51 GMT
Server
Flashtalking (AKA)
ETag
W/"eaf83690316f7be2f638d54f6a6b2e26"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1200
X-Varnish
194680619
Accept-Ranges
bytes
Expires
Wed, 08 Feb 2023 20:56:12 GMT
StagSans-Bold.woff
cdn.flashtalking.com/fonts/thewarehousegroup/ Frame F2AE 		49 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/fonts/thewarehousegroup/StagSans-Bold.woff
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/160230/3854629/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
20f722b1b1d4cc97b50d48319f7bddec55fa4f2a6e119a3f08c6733202d501d1

Request headers

Referer
https://cdn.flashtalking.com/160230/3854629/css/style.css
Origin
https://cdn.flashtalking.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:12 GMT
x-amz-meta-origin-date-iso8601
2022-04-04T01:22:22.825Z
X-FT-Origin
us
Connection
keep-alive
Content-Length
50552
Last-Modified
Mon, 04 Apr 2022 01:22:59 GMT
Server
Flashtalking (AKA)
ETag
W/"5fe9e9da7111f5a1d4258f790cbdf803"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
X-Varnish
195512677 191438000
Access-Control-Allow-Origin
*
Content-Type
application/octet-stream
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Expose-Headers
Content-Range
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Expires
Thu, 09 Feb 2023 20:36:12 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020601.js?cb=31072215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 08 Feb 2023 20:36:12 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E0D2 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://businessdesk.co.nz/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

accept-ranges
bytes
age
323786
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 05 Feb 2023 02:39:46 GMT
expires
Mon, 05 Feb 2024 02:39:46 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame C9E3 		783 B
968 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f104.1e100.net
Software
GSE /
Resource Hash
cf6ffe9db71b96b204cc00e55018630edcf0043a8a821a087c035b1ba5d9e4e6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qEaT-W0b6TzITqLzmgoHDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://businessdesk.co.nz/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-NZ,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-qEaT-W0b6TzITqLzmgoHDw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 08 Feb 2023 20:36:12 GMT
expires
Wed, 08 Feb 2023 20:36:12 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame C9E3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020601&jk=2518960240762682&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
qd5KMEVePpT1ECIYP18qBYKfQjivfqNOtA0cTjFsQVM.js
pagead2.googlesyndication.com/bg/ Frame E0D2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/qd5KMEVePpT1ECIYP18qBYKfQjivfqNOtA0cTjFsQVM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
sffe /
Resource Hash
a9de4a30455e3e94f51022183f5f2a05829f4238af7ea34eb40d1c4e316c4153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 16:09:08 GMT
content-encoding
br
x-content-type-options
nosniff
age
16025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14195
x-xss-protection
0
last-modified
Mon, 30 Jan 2023 11:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 16:09:08 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5434 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6978441434630&version=m202301230201&ct=76&x=1&cor=7798099716138502000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 08 Feb 2023 20:36:13 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame E0D2 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?OsW41A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
fm.flashtalking.com/feed/1613/trending/hotproducts/ Frame F2AE 		11 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fm.flashtalking.com/feed/1613/trending/hotproducts/?backfill=true&ftCreds=1&numItems=9&
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/frameworks/js/api/2/10/html5API.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.192.158.26 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
96a9cbf864f6ac1661ab03d143b7aec26a188c68199c4b5ba97f9717887c78d6

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin
https://cdn.flashtalking.com
date
Wed, 08 Feb 2023 20:36:13 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
vary
Accept-Encoding
content-type
application/json
get.php
img.flashtalking.com/temp/ Frame F2AE 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.flashtalking.com/temp/get.php?w=270&h=270&url=https%3A%2F%2Fwww.noelleeming.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-nlg-master-catalog%2Fdefault%2Fdwb8ae389d%2Fimages%2Fhi-res%2FB4%2FFD%2FN211801_0.jpg&removeBackground
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
AKA /
Resource Hash
ef971784333943805ef2f3e018107db073d69f79b0746bbc6cc0336c8cdf4403

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
public
Date
Wed, 08 Feb 2023 20:36:14 GMT
Content-Encoding
gzip
Server
AKA
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Cache-Hit
false
Cache-Control
public, max-age=427871
Connection
keep-alive, Transfer-Encoding
Expires
Mon, 13 Feb 2023 19:27:25 GMT
get.php
img.flashtalking.com/temp/ Frame F2AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.flashtalking.com/temp/get.php?url=https://www.noelleeming.co.nz/on/demandware.static/-/Library-Sites-nlg-shared-library/default/dw3cd6b97f/core/product-badges/HotPrice.svg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
get.php
img.flashtalking.com/temp/ Frame F2AE 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.flashtalking.com/temp/get.php?w=270&h=270&url=https%3A%2F%2Fwww.noelleeming.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-nlg-master-catalog%2Fdefault%2Fdwd4c40d88%2Fimages%2Fhi-res%2FA3%2F44%2FN214540_0.jpg&removeBackground
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
AKA /
Resource Hash
73c1c25abe0358a72b2d33b8ebd1d2fe0a25873c5afa25db3b5fa60207ac14ed

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
public
Date
Wed, 08 Feb 2023 20:36:14 GMT
Content-Encoding
gzip
Server
AKA
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Cache-Hit
false
Cache-Control
public, max-age=427858
Connection
keep-alive, Transfer-Encoding
Expires
Mon, 13 Feb 2023 19:27:12 GMT
get.php
img.flashtalking.com/temp/ Frame F2AE 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.flashtalking.com/temp/get.php?w=270&h=270&url=https%3A%2F%2Fwww.noelleeming.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-nlg-master-catalog%2Fdefault%2Fdw649bc475%2Fimages%2Fhi-res%2F98%2F02%2FN207568_1.jpg&removeBackground
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
AKA /
Resource Hash
f3adf4cf5617f548a6dd7c88f6279064c6a3f6ac1fdb29f5b91708b4ce9dbb11

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
public
Date
Wed, 08 Feb 2023 20:36:14 GMT
Content-Encoding
gzip
Server
AKA
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Cache-Hit
false
Cache-Control
public, max-age=414578
Connection
keep-alive, Transfer-Encoding
Expires
Mon, 13 Feb 2023 15:45:52 GMT
get.php
img.flashtalking.com/temp/ Frame F2AE 		61 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.flashtalking.com/temp/get.php?w=270&h=270&url=https%3A%2F%2Fwww.noelleeming.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-nlg-master-catalog%2Fdefault%2Fdwe60847a1%2Fimages%2Fhi-res%2F0D%2FD2%2FN185328_0.jpg&removeBackground
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
AKA /
Resource Hash
747a06f6db68ab3687c08a28730071820020969a4c6ba2a6fe0a815a1c818574

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
public
Date
Wed, 08 Feb 2023 20:36:14 GMT
Content-Encoding
gzip
Server
AKA
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Cache-Hit
false
Cache-Control
public, max-age=411611
Connection
keep-alive, Transfer-Encoding
Expires
Mon, 13 Feb 2023 14:56:25 GMT
get.php
img.flashtalking.com/temp/ Frame F2AE 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.flashtalking.com/temp/get.php?w=270&h=270&url=https%3A%2F%2Fwww.noelleeming.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-nlg-master-catalog%2Fdefault%2Fdw53f57aa5%2Fimages%2Fhi-res%2F24%2FE3%2FN148640_0.jpg&removeBackground
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
AKA /
Resource Hash
72ba8cb475b240f4033e907a7daba956b6aad814826e52206a1324321dd1caf3

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
public
Date
Wed, 08 Feb 2023 20:36:14 GMT
Content-Encoding
gzip
Server
AKA
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Cache-Hit
false
Cache-Control
public, max-age=603476
Connection
keep-alive
Content-Length
19257
Expires
Wed, 15 Feb 2023 20:14:10 GMT
get.php
img.flashtalking.com/temp/ Frame F2AE 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.flashtalking.com/temp/get.php?w=270&h=270&url=https%3A%2F%2Fwww.noelleeming.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-nlg-master-catalog%2Fdefault%2Fdw43e9eec5%2Fimages%2Fhi-res%2FE5%2F40%2FN215792_0.jpg&removeBackground
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
AKA /
Resource Hash
a414563006648540a30feb191b46c06079e4b552a745db274b7f0cdfba3720cd

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
public
Date
Wed, 08 Feb 2023 20:36:15 GMT
Content-Encoding
gzip
Server
AKA
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Cache-Hit
false
Cache-Control
public, max-age=830632
Connection
keep-alive, Transfer-Encoding
Expires
Sat, 18 Feb 2023 11:20:07 GMT
get.php
img.flashtalking.com/temp/ Frame F2AE 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.flashtalking.com/temp/get.php?w=270&h=270&url=https%3A%2F%2Fwww.noelleeming.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-nlg-master-catalog%2Fdefault%2Fdw8765c677%2Fimages%2Fhi-res%2FA7%2F2E%2FN214266_0.jpg&removeBackground
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
AKA /
Resource Hash
5da8cd2bf2fd3efabbf46a0f104ac0a097d5d05bc6ba4840870e1d4c973c8180

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
public
Date
Wed, 08 Feb 2023 20:36:15 GMT
Content-Encoding
gzip
Server
AKA
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Cache-Hit
false
Cache-Control
public, max-age=691058
Connection
keep-alive, Transfer-Encoding
Expires
Thu, 16 Feb 2023 20:33:53 GMT
get.php
img.flashtalking.com/temp/ Frame F2AE 		46 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.flashtalking.com/temp/get.php?w=270&h=270&url=https%3A%2F%2Fwww.noelleeming.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-nlg-master-catalog%2Fdefault%2Fdw401f498b%2Fimages%2Fhi-res%2F76%2FC7%2FN212257_0.jpg&removeBackground
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
AKA /
Resource Hash
94851fe572c8ffbc4c1b10ee58c73f02495b9416b3eee5721fe397fba1d0086c

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
public
Date
Wed, 08 Feb 2023 20:36:15 GMT
Content-Encoding
gzip
Server
AKA
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Cache-Hit
false
Cache-Control
public, max-age=427806
Connection
keep-alive, Transfer-Encoding
Expires
Mon, 13 Feb 2023 19:26:21 GMT
get.php
img.flashtalking.com/temp/ Frame F2AE 		12 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.flashtalking.com/temp/get.php?w=270&h=270&url=https%3A%2F%2Fwww.noelleeming.co.nz%2Fon%2Fdemandware.static%2F-%2FSites-nlg-master-catalog%2Fdefault%2Fdw0857e35d%2Fimages%2Fhi-res%2FA3%2FBD%2FN181003_0.jpg&removeBackground
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
AKA /
Resource Hash
63154def8811963efd88af69da392fc5af1d6ed3301e7b924a2098055eece0cc

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
public
Date
Wed, 08 Feb 2023 20:36:15 GMT
Content-Encoding
gzip
Server
AKA
Vary
Accept-Encoding
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
X-Cache-Hit
false
Cache-Control
public, max-age=427797
Connection
keep-alive
Content-Length
11405
Expires
Mon, 13 Feb 2023 19:26:12 GMT
StagSans-SemiboldItalic.woff
cdn.flashtalking.com/fonts/thewarehousegroup/ Frame F2AE 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.flashtalking.com/fonts/thewarehousegroup/StagSans-SemiboldItalic.woff
Requested by
Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/160230/3854629/css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
2f0f9af3832661743508613540a6d504f22ac8fc4a16755475db921d57d18ff5

Request headers

Referer
https://cdn.flashtalking.com/160230/3854629/css/style.css
Origin
https://cdn.flashtalking.com
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:14 GMT
x-amz-meta-origin-date-iso8601
2022-03-31T10:39:58.010Z
X-FT-Origin
us
Connection
keep-alive
Content-Length
31620
Last-Modified
Thu, 31 Mar 2022 10:40:41 GMT
Server
Flashtalking (AKA)
ETag
W/"426514fece3557bed74817d47d54f03b"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET
X-Varnish
398676268 395355680
Access-Control-Allow-Origin
*
Content-Type
application/octet-stream
Cache-Control
max-age=86400
Access-Control-Allow-Credentials
true
Access-Control-Expose-Headers
Content-Range
Accept-Ranges
bytes
Access-Control-Allow-Headers
Range
Expires
Thu, 09 Feb 2023 20:36:14 GMT
/
servedby.flashtalking.com/state/6503683;3854629;27643138;402;FF49D726-7586-E06C-CC7D-F170E629EB58/ Frame F2AE 		42 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servedby.flashtalking.com/state/6503683;3854629;27643138;402;FF49D726-7586-E06C-CC7D-F170E629EB58/?ft_product=success__N211801_N214540_N207568_N185328_N148640_N215792_N214266_N212257_N181003&cachebuster=148295847
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.103.151.89 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-103-151-89.deploy.static.akamaitechnologies.com
Software
prod-xre-app3.tky11 /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 08 Feb 2023 20:36:15 GMT
Strict-Transport-Security
max-age=86400
Server
prod-xre-app3.tky11
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
42
Expires
Wed, 08 Feb 2023 20:36:15 GMT
log
play.google.com/ Frame 11B9 		131 B
550 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host:
URL: /_/gsi/_/js/k=gsi.gsi.en_GB.8U3e7w4gQ7A.O/am=6g/d=1/rs=AF0KOtXN-2BBKCMbHupTIMC2_YvoKOuk4w/m=credential_button_library
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.100 -, , ASN (),
Reverse DNS
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
X-Goog-AuthUser
0
accept-language
en-NZ,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Wed, 08 Feb 2023 20:36:14 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://accounts.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 08 Feb 2023 20:36:14 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.100 -, , ASN (),
Reverse DNS
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://accounts.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://accounts.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 08 Feb 2023 20:36:14 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020601&jk=2518960240762682&bg=!DQ6lDlrNAAaq5O5FiuQ7ADkAdvg8Wmd5w4LXEaZ90XtZ6j-J8nSzWsNUa1ljnRNbDE4l0wANtdUlGU7yOSLbAfJtIslFi9iBaM4CAAAASlIAAAACaAEHCgBAAKpJNqWb7gKPf0ferOKniK7OJ-Nj6pkJdmhk-GEiIZ4bDz0iWISJ6Ja8-54g4bOd2ffXxddBQJmG7QiG2-zSa5kCrO86WyhjxIzHQrFEJyE9RrKQiz7Evkxoy988HJ3CGYMdkn249QPHAVNHwP78zShju-yt--rGeHis5OyHCXxi2nu-4D6xZY3NKIf3XcmxSrsSkPJZsFg823LIK6ebhrLSKBYiXvmBsop0mSebnhEE883gtJQP1bgXKkVGMiNU_sUXmUqkPoAkE4jAQ82Ucwno-sT9Xg2eu19tkcJkbRacWXpFMrnTYcMzhjFp4j8-ba2TzpEzgo-IGomiyvEwVYopYIpxgHB5oqRvROYCZe2PxsgQemovJgoOmPzn0727gZ2T3ew6y3lHBff_nsE_mmJkP85WtG7g6-7MGKKhbQhWcEUj_XTFXVCYwA8ZSyeFJr1hqCyOMBb0WRzuXtWqybl3PN8nkrFp5WEUGhJYutIloOfBx4Dv3E50J5ERmPHQgZZnzz4EiMkgj4BsRRUePetegduQznuSnbhrZClB26GDhazV__SgvwsT0B6yQAjT8UF8v6czZXhiawf3ey3GLmvPJGM0C-yDiXLho-k2R-XkTWZpNsw9560VNx59astMKMnp9arYzoMyjt4aask3cE-XkEEXqZ1ZjR7g3gJp3LCngJUlqjsjmzhhHbDTQ1E5-H2Htbsave34-_BKW5z6jhRJJf7pd1YmfTNQEikAzuyhZO09iqT-8ppFU7sxSf-x0F8ZvxiIqPc5OPA5ZroI-Nzpoy8Ya_QOqVLBy1VUepmhMEJsXHmpT8ggsR67MC8PwPPkqQoWROQ0SI7EznA8tZUCI1eW6LYmtGnT7BcECREzhRS93zvg0RwzgSbJYZI1MMHkZSDGvebpyk1CgCR0mHkDINuxDwj_FPNfIKXhhg9A_z3cbPdndOq07E4n6I6eLFxjhm1JBK2g5npk5J53JpqisLvtTfStL23Dtgmswg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers
970x250-arrow-1217.png
cdn.flashtalking.com/160230/instantAssets/ Frame F2AE 		272 B
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.flashtalking.com/160230/instantAssets/970x250-arrow-1217.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.25.220.49 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-25-220-49.deploy.static.akamaitechnologies.com
Software
Flashtalking (AKA) /
Resource Hash
8d4597710b8010351ea857267c03a480e7cab92109ff4b5613f615544f75aab5

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://cdn.flashtalking.com/160230/3854629/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date
Wed, 08 Feb 2023 20:36:17 GMT
X-FT-Origin
us
Connection
keep-alive
Content-Length
272
Last-Modified
Fri, 03 Jun 2022 05:39:20 GMT
Server
Flashtalking (AKA)
ETag
W/"616db6a0a28c1e93008d1b0d4a015a40"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control
max-age=1195
X-Varnish
411353046
Accept-Ranges
bytes
Expires
Wed, 08 Feb 2023 20:56:12 GMT
imsync.ashx
ml314.com/ 		17 B
33 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ml314.com/imsync.ashx?pi=3633467751924760576&data=eyJwaCI6MTkxOCwid2giOjEyMDAsInRicyI6MCwiZHQiOjE1LCJwaWQiOiIxNjc1ODg4NTY1ODc1X3gwaGZqYjB5dSIsInNkIjoxMjAwfQ%3D%3D
Requested by
Host: ml314.com
URL: https://ml314.com/tag.aspx?812023
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
236.234.111.34.bc.googleusercontent.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
62ce950ad0d7f664b316b4253bbc993bf0bf8310970f64b150fda6f1fa59dfea

Request headers

accept-language
en-NZ,en;q=0.9
Referer
https://businessdesk.co.nz/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Wed, 08 Feb 2023 20:36:20 GMT
via
1.1 google
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
content-type
application/javascript; charset=utf-8
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery object| Spark object| dataLayer string| dfp_site string| dfp_path object| dfp_tags object| default_gsi object| google function| logout function| openMainMenu function| closeMainMenu function| toggleSubMenu function| closeSubMenu function| addCopyright function| showSwgOffers object| SWG object| nzmeads object| googletag object| gptAdSlots function| initNZMEADS object| ggeac object| google_tag_data object| google_js_reporting_queue function| gtag object| webpackJsonp function| setImmediate function| clearImmediate object| __algolia function| Hammer function| URI function| axios function| _ function| moment function| Popper function| __ function| Vue object| Bus function| SparkForm function| SparkFormErrors object| braintreeCheckout object| google_tag_manager object| google_optimize object| UrlCache function| GaaGoogleSignInButton function| GaaGoogle3pSignInButton function| GaaSignInWithGoogleButton function| GaaMeteringRegwall function| GaaMetering object| userState object| SUBSCRIPTIONS object| __cfBeacon object| __G_ID_CLIENT__ object| closure_lm_974404 undefined| google_measure_js_timing string| prop object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal string| GoogleAnalyticsObject function| ga string| _linkedin_data_partner_id function| getSelectionText function| fbq function| _fbq function| twq object| _ml function| onYouTubeIframeAPIReady function| NolTracker function| nol_t function| logger undefined| _rsCC undefined| _rsCG undefined| _rsDN undefined| v52v53_pvar undefined| v52v53_trac undefined| _rsEvent undefined| _rsLinkTrack undefined| _rsClick object| pvar object| trac object| V60 object| NOLBUNDLE string| localstorageframe function| lintrk boolean| _already_called_lintrk object| regeneratorRuntime object| twttr object| gaplugins object| gaData function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents object| GoogleGcLKhOms

41 Cookies

Domain/Path Name / Value
businessdesk.co.nz/ Name: XSRF-TOKEN
Value: eyJpdiI6InY4Qjladk56cG53R1dwYmJCamtqSlE9PSIsInZhbHVlIjoiaDkyOWZVYkF6eDRkVGF0aHVNMHl2dHpOdUIwNXdYME5rK2RkZ1ptUHFTUFJhVHNTT1pnMkpaeVwvSjJ5VGk5T1wvIiwibWFjIjoiNDZmNjZlNzViODFkMDEwODVjMzJjYjQ1MzNmYTQzYWNkNmU4MjE1ZDU3OGUxMzZiOTgyNTUwOWNhZjFjZmU2NCJ9
businessdesk.co.nz/ Name: businessdesk_session
Value: eyJpdiI6IldwcjdCbnFCXC9wQU9BdXhNUnZWOEh3PT0iLCJ2YWx1ZSI6ImZPZlZYd0Q1U2xXbkZwekdBczFyRW8zZzJJc3FIeTVTQWRiMnMrUHFLeEk5b2VDcXZLVHFcL3U1YjhpZ3FnUkZZIiwibWFjIjoiYmZiY2NhYTVkOTNiNTlhNmQ1YTZjMDExNzFlMzcxYTJkY2YzNTRmZDk4MGIwYmQ5NjM1NjUyYjE4MTM2MmFjMiJ9
businessdesk.co.nz/ Name: team_join_request
Value: asked
.businessdesk.co.nz/ Name: _ga_DELVWQ0TM7
Value: GS1.1.1675888564.1.0.1675888564.0.0.0
.businessdesk.co.nz/ Name: _gcl_au
Value: 1.1.1631299251.1675888565
.businessdesk.co.nz/ Name: __gads
Value: ID=14160015400dae8c:T=1675888564:S=ALNI_MY_XihBCf4kd_NqCJ9DBpk02Mkh6Q
.businessdesk.co.nz/ Name: __gpi
Value: UID=00000bbe74a8aa91:T=1675888564:RT=1675888564:S=ALNI_Mb-H61gfscvXeUtkvv4os6nDHSomw
.businessdesk.co.nz/ Name: _ga_G2VHWVZHBS
Value: GS1.1.1675888565.1.0.1675888565.60.0.0
.businessdesk.co.nz/ Name: _ga
Value: GA1.3.735292755.1675888564
.businessdesk.co.nz/ Name: _gid
Value: GA1.3.444111774.1675888566
.businessdesk.co.nz/ Name: _gat_UA-109240259-1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnsEspv21x3R_LYip-wDa8pyfYLbXtI3mH1J0TRPbgUxh-4Gp1I_SU0LUAY
.ml314.com/ Name: u
Value: aHR0cHM6Ly9idXNpbmVzc2Rlc2suY28ubnovbG9naW4=
.ml314.com/ Name: pi
Value: 3633467751924760576
.ml314.com/ Name: tp
Value: 3%3b2%2f8%2f2023+3%3a36%3a06+PM%3b0
businessdesk.co.nz/ Name: ln_or
Value: eyI1MDgyMjA0ODMiOiJkIn0%3D
.linkedin.com/ Name: li_sugr
Value: 3e8d41df-5cea-41ec-8ea3-776f662e4efa
.linkedin.com/ Name: bcookie
Value: "v=2&ebda0f80-a8bf-4919-8b54-bce079dcf34b"
.linkedin.com/ Name: lidc
Value: "b=OGST01:s=O:r=O:a=O:p=O:g=2877:u=1:x=1:i=1675888567:t=1675974967:v=2:sig=AQE0mBsB5DjDQcYl5qTCwjAVWBBg25xQ"
.t.co/ Name: muc_ads
Value: 489ae253-3351-4cb7-ab43-3ab48512a640
.adsrvr.org/ Name: TDID
Value: 593f0e26-b6bb-4806-affa-7a9fce1b6a8e
.twitter.com/ Name: personalization_id
Value: "v1_ojpSCpvKZg+XEPN5yLScAA=="
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2IlkmPc2@!]tbPl1M>e)ZlrFUfJ+tGXvWB:Ef]kVthTXD@Wk0>Y#s3Ki54=b#s'A%4qlv*bpRz*qF1`*b_Ub*%8Nw
.adnxs.com/ Name: uuid2
Value: 8334622341680899133
.linkedin.com/ Name: UserMatchHistory
Value: AQKowwHDn_QwRQAAAYYyviQ7Vdprl2EvAH-ni0NybtTOwJLIHljhaZBZJfzggbqktmWEbNdEsHn3Ww
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQLaBzRiSUl7tAAAAYYyviQ74PTPKZk65uiWDJ9QZBI-VeOiMW3nQww0EexSlgLTOpRlIjckA4JiG884ImHdUA
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHZDB0cm8xahILCN6t8rfEh8U7EAUYBSABKAIyCwimlMfj2ofFOxAFOAE.
.casalemedia.com/ Name: CMID
Value: Y.QHt7Bnh0YVbcbYXAONWwAA
.casalemedia.com/ Name: CMPS
Value: 4973
.casalemedia.com/ Name: CMPRO
Value: 4973
.crwdcntrl.net/ Name: _cc_dc
Value: 2
.crwdcntrl.net/ Name: _cc_id
Value: 6f47e58a10c7659f84c66137d0b74e08
.imrworldwide.com/ Name: IMRID
Value: 374100f0-a7f0-11ed-b11b-4b69aaac4ac6
.eyeota.net/ Name: mako_uid
Value: 18632be2713-f04000001084a19
.eyeota.net/ Name: SERVERID
Value: 18969~DM
.flashtalking.com/ Name: flashtalkingad1
Value: "GUID=5517BAD3A6766D"
.demdex.net/ Name: demdex
Value: 58809936874199640111524984304573226599
.businessdesk.co.nz/ Name: _fbp
Value: fb.2.1675888568358.2011117675
.www.linkedin.com/ Name: bscookie
Value: "v=1&202302082036087575046a-d7a7-4b5a-8a3e-9997001b6cfcAQFS-8nMkXi952uBd_1cLTLJfgOWc5Yj"
.dpm.demdex.net/ Name: dpm
Value: 58809936874199640111524984304573226599
.krxd.net/ Name: _kuid_
Value: PXjBz25H

5 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://businessdesk.co.nz/api/teams/check
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://www.googletagmanager.com/a?id=OPT-M7TKLF7&cv=71&t=ol&s=h1&h=1169&p=opta&o=4000&l=1665&q=20&f=2245&e=129&i=13&d=-1063&c=-26&hc=0&sr=0.050000&ps=0.01539607335531823&cb=1926877280
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://img.flashtalking.com/temp/get.php?url=https://www.noelleeming.co.nz/on/demandware.static/-/Library-Sites-nlg-shared-library/default/dw3cd6b97f/core/product-badges/HotPrice.svg
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
javascript warning URL: https://businessdesk.co.nz/login
Message:
The resource https://businessdesk.co.nz/img/logo.png was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src * 'unsafe-inline' 'unsafe-eval'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline'; font-src * 'unsafe-inline' data:
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10888750.fls.doubleclick.net
4a24649ada73d68c47e9b37ee7d2ca3f.safeframe.googlesyndication.com
4qnitimppku2hvkonpxjl71vk8ldi1675888568.nuid.imrworldwide.com
9751041.fls.doubleclick.net
accounts.google.com
adservice.google.co.nz
adservice.google.com
analytics.google.com
analytics.twitter.com
beacon.krxd.net
businessdesk.co.nz
cdn-gl.imrworldwide.com
cdn.flashtalking.com
cdn.krxd.net
cdn.linkedin.oribi.io
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
consumer.krxd.net
csp.withgoogle.com
dpm.demdex.net
dsum-sec.casalemedia.com
email.mail.businessdesk.co.nz
firebase.googleapis.com
firebaseinstallations.googleapis.com
fm.flashtalking.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
img.flashtalking.com
in.ml314.com
karma-tracker.nzmedata.co.nz
match.adsrvr.org
ml314.com
news.google.com
nzme-ads.co.nz
pagead2.googlesyndication.com
play.google.com
ps.eyeota.net
px.ads.linkedin.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
servedby.flashtalking.com
snap.licdn.com
static.ads-twitter.com
static.cloudflareinsights.com
stats.g.doubleclick.net
sync.crwdcntrl.net
t.co
tpc.googlesyndication.com
www.businessdesk.co.nz
www.facebook.com
www.google-analytics.com
www.google.co.nz
www.google.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.linkedin.com
104.103.151.89
104.16.56.101
104.17.24.14
104.18.12.105
104.18.13.105
104.244.42.133
104.244.42.67
104.254.151.68
108.174.10.20
13.227.254.18
13.35.8.118
13.35.8.26
139.5.84.243
142.250.4.132
142.250.4.154
142.250.4.156
142.250.4.94
142.250.4.97
142.251.10.154
142.251.12.100
142.251.12.141
142.251.12.95
15.197.193.217
151.101.66.133
157.240.13.19
157.240.13.35
172.217.194.113
172.217.194.132
172.217.194.154
172.217.194.94
172.253.118.100
172.253.118.104
172.253.118.155
172.67.71.218
18.136.33.92
18.141.80.142
184.25.220.49
199.232.44.157
216.239.38.181
23.45.116.82
3.0.242.200
34.110.169.10
34.111.234.236
34.192.158.26
34.86.85.56
52.35.196.159
52.43.194.186
52.89.238.92
54.192.150.79
74.125.130.95
74.125.24.148
74.125.24.149
74.125.24.156
74.125.24.84
74.125.24.94
74.125.68.113
74.125.68.95
098bb4cccf4672fe96b2d63ed98844ee78e55f79c3b50197f5ac4f2041519e3f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f48c5678ce459a596423b0e55344e7ad8eb3d3b1b27c54cd76a9d4cee7dd6c3
117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1
12b480577535f9d85580918bff93299cb85735daebe4137e5fb2a2a438ce80ab
12bdd1be8c5c8de84d75fb2502d71b999bbdc7baa7df3cd9452a835bb869ac49
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
17214c8529a8c33e15d857141c56353bd26b03095b0cf0c5ed7d98b8c3d84e80
1a580e618647c66a882b88050750f58a55844c94ad090f5271058508bb7cb894
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1c75abd73c698ac4ef928c26af43b880cb8ec01769516383f95055e96e6502d5
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1f0595d8b1e321973c827e69d735de28cdf4d7c2a18d1f3026ed22ec99da1e48
20f722b1b1d4cc97b50d48319f7bddec55fa4f2a6e119a3f08c6733202d501d1
21506aa635a6008f6df622b96ede0c7749dbcda6473f084cb6104c55e482ec1a
21dc833ad72da429b12c05f6f64ef8e56a979166db6b97265f9b451bee2762fd
22ad2a17d1b4801b7325be78a650d3731d6d72e699ad8cc826399b9bcb771c64
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27253ecc4fdc71b533adcc99990d12cb54c8556265a7d7141a699537bebb5926
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396
2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae
2b346fa076a692a91f0a9629a82899a296d2a4192d46bf699dce4dfd7d784df9
2bf373aab01a96fddf0099658b27e2eefb64c4aac7061d97d629fd7ca9a42534
2c2deb2c4402dd1ca1fc690f73a7d1f7f4cc2d37001b3ee5a3535d813cbdb11f
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2d2dadc8bcf59a29f2ef81dff72426a8a02bd2feaba6f47b8c0a9a48b590b8c7
2f0f9af3832661743508613540a6d504f22ac8fc4a16755475db921d57d18ff5
2f269a5cb198eecd66c85007100ce70bb17a7960ca65e496c941294e262aacc5
2f4594682b70a77cd331769488cd8f4116d155f5ec00697f8fc188cbe75647e9
30c8ed14fdab8dcf3701a56c71402d7d6b1bfc18fd3c1974d86f0629ecae0ae9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
329599ea5c2bfaaa543d4041a0518235697858f8e03416404eacbe96a01fd893
350a787a722a405da6e1c1c8de24d50a63726bef3d25e8fb020352e60ef35ee2
3d2dcc5528169b3cff0ccd987c6ba90a188bcf74703d565633081eb01d9f5f0c
3d3bb0f386bdbf711aefbe327333a7b0c16cdea5fd8e92c9d04e34082be4ac18
40cfaa27e01d2d69d767c0a536268304a535e9d144029578068b824981070ff8
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
486ce775ab3316f37828f36e963aa8ac43e7081a2e463dbc56325faad63abd36
48b6040437795eb6da4ad13a9db13c903b8f2f38cdf49abfe76bf1818e31117b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c177e4e7d46fc0cd191cfd21e1d4fb24229e5c03e491cec02b6a4cd1c459ded
4e932b4966bd6f55c56f5cf0aa6f434364fd9b21c7430c01471ecb63836b7b14
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5847ab863b72dbbdfee3418c860fd3200a0dc041be8bbe91c811cfa03f9d8764
5898d11593913b009eb660a4fd5422a5f2219b29f87740fde97f8f48f8811a9e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b508ce49695885ca62a1edf8fb793beb19ace345806089de5acce175a3bb0f2
5da8cd2bf2fd3efabbf46a0f104ac0a097d5d05bc6ba4840870e1d4c973c8180
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62ce950ad0d7f664b316b4253bbc993bf0bf8310970f64b150fda6f1fa59dfea
63154def8811963efd88af69da392fc5af1d6ed3301e7b924a2098055eece0cc
689ae3ac9612d88f14b7a939f4dcb98bbc3c9da40847ba2e3cfdc37f76686b89
694db80cb21305c3763457d74832d7a28981b926a7b1a344a3c89169b78018a1
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
70a8e6edcbb1e7e9e720f26dd6a810e9e979e804595c5c111bcd65fc49e442e4
713cab74266c9e09db6fc5c6cf38ffdcd4f2af3e7fa5901b13b0ccf03b284706
7272ad39825d1a92d75385a9a2affec466cd24f404b6deea7f95a5bbb79d0421
72ba8cb475b240f4033e907a7daba956b6aad814826e52206a1324321dd1caf3
73c1c25abe0358a72b2d33b8ebd1d2fe0a25873c5afa25db3b5fa60207ac14ed
747a06f6db68ab3687c08a28730071820020969a4c6ba2a6fe0a815a1c818574
74e6788349f9cd27d6f050c1e181289f538034e59c34338951187f0d9c1e1103
78cf2679978a70b41384ddffe97a37dd89d4e5775092725b8d36d7c515cbe02c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7f569de4d60a827457280863662986e8d39cdb037f6659d15091e17f51bf6bda
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87b7a32ec284ff3beb145999f06d7a428bcfe07b4df2a24100c9b2a9013c0b6a
888fee914ccdd03fcf212b38e80d9da7fc579582e50f886462b139ee0ee9130c
8c50786db04ddb5617a22ce2d10e82b0a0bac3083b031d4c9d772ffafc294887
8d4597710b8010351ea857267c03a480e7cab92109ff4b5613f615544f75aab5
8f21242757edba351147b1293a68641e6826e8f385aee00a9f1ff0ed308f6bc0
9059aae0e11c2cdf3c59f4cc77d8a00561327f43f9308a2f44878a8013f63ede
912cacf069c21c78cb7c53a315163264031a8376e9ec46c0a92abd0b6674ccc6
94851fe572c8ffbc4c1b10ee58c73f02495b9416b3eee5721fe397fba1d0086c
954bfdf81f6e7d131149c5959e64577b2545a2655db6b0cc4fa32e572cc9907f
96a9cbf864f6ac1661ab03d143b7aec26a188c68199c4b5ba97f9717887c78d6
9943733948dea5c7a87af84773c98c177e8652cf8ce83c482113b823f77b26dc
9c93195813675fa31c0528faf61a9c4d1faa4546a8bbb650e442b89e960df657
9d1e1c18da99918e77b2a3c587491a47c79c93d65e0f6219a33d50c60e5616ad
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a414563006648540a30feb191b46c06079e4b552a745db274b7f0cdfba3720cd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6a9da373b04727fc904693c0e325137af8b368dee6e849ab1f8cb56525406a1
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
a7d2643a1af02dfd8b5e08cd66cf9510eaa87df713bd78f3b074b2dcf3e08540
a9de4a30455e3e94f51022183f5f2a05829f4238af7ea34eb40d1c4e316c4153
aa43888d20f6d8bbe6d11ae8db26eca226c8e3578ad960f97b92f3bb86ad59d6
abca59c1f5a3723619784bd231b3d8cb67b5bafbb45a6a3067c5ce15f9c282c9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad17cc06c1d9df406a1b5c352ebe39ffe09f04c40b5aec8f1fded8139cd5a482
ad6bc1f2d516ba29bd9bc579961987b191c59d60b45caca00ee694ac37b66f96
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0c92f082bb7ee75d44c24d26061f9129d26b0a74adfe61eae310fc1fa133a26
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b24207967ac402c984033e70a55264014d8a2c4a6528b5196881e3781f0c5a44
b25050208b1492998f5c2ee37df2c58306b910355f10bf7e9a84c7391268e39b
b294e17282ff14dc43fdee7f28ba7139b3613e3be285e0d67898d64443f4d595
b29a8f5cd6937592b2aad723385204b0633d519300ef632cf8361d1b47e72553
b3b91f4345dc4ea30e7767250988defaf93836b2727d78abff53732ddfbae03a
b75cedbb0213e274bb6ef44e70d0d15edfdfbdbd35f7b6cb1ea65a1c63600312
b847942f2aa4880e870f04f88d6b99a99962a8f26b3e58b308c69df3bc018595
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c1e56ad863615fc191d80d7807852db95e57579f6535186d83d04ecdebef5236
c429b056c18833dd3d7fe28ab8ba904526ad1375398ffac0a0e4f2d278e1ac43
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
cc9a291be43acac5a0c636a2bca8c32793c31e279a74e0b4842482c0fc7c7cb6
cdd37f9a07440ef5f15c27d70c162dc06e7790d2da1dfdbb6fd9d595b32db277
cf6ffe9db71b96b204cc00e55018630edcf0043a8a821a087c035b1ba5d9e4e6
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
cf94ecfa5eb3a18f1659ee69e486cec4d981abafa0e4bcce88a87e18a2a03f48
d0e4a6372d6fb5ffe9505dbe9e94aee8f1b9b96ec8e5e20684cce8b4c5a88fa7
d10ec7f1080c37383e3b794a74f9c4119daf10649a3b2d4d571bd939ba0ca654
d15b241c28372f234a6f874dd16eb56284a2148dba69d7741b1d4a8f152a696e
d2e54b39dcd2bb517ddbec35ad05dc8d61b3b5e475d56468a4b3db2e14856de0
d61d13a7422dc5d91c9499ca64f85f04e50ebed68d57047aade7fc950b6fb9a3
daf221f738c29d148afbb9bcf0952da9011cc34f7900c8827958e995466a3b3f
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
dfe3684f76014c97babef7ad2d774ec8c7d5860d3b4780ce221c56c02f89cd0b
e000a93911cb1074f46b39ffaa048beb2bf5e55b45f65a3a398eb6648b7fbba5
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e786cf80cef734d04bc4967ee04ef3846ed13d090b9ac1cbba8d8cdec86a5aae
e9391ee65f6343d19726ddc38563462d51b4694f1b5c961fce6035cfd861e77c
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d
ece07b1e647f61dff4e40bce6cde91d8f9bef75fa67dc27fc9cf60a2403be6d3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef971784333943805ef2f3e018107db073d69f79b0746bbc6cc0336c8cdf4403
f3adf4cf5617f548a6dd7c88f6279064c6a3f6ac1fdb29f5b91708b4ce9dbb11
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f9cceab3a20f0d6525e99a8bd13eec9a0706b78a276107891721c7e3ba09d8a6
fac5da0573738445914239b601391b9f2ac194e543b7a0400a8bbee267b97f3a