www.entertainmentnz.com Open in urlscan Pro
34.251.201.224  Public Scan

65 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79

• https://www.googleadservices.com/pagead/conversion/457430512/?url=https%3A%2F%2Fwww.entertainmentnz.com%2F&guid=ON&script=0&data= HTTP 302
• https://googleads.g.doubleclick.net/pagead/viewthroughconversion/457430512/?url=https%3A%2F%2Fwww.entertainmentnz.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=iiffYtTdG9XJx_APuOSu8AY&random=1766641107&sscte=1&crd= HTTP 302
• https://www.google.com/pagead/1p-conversion/457430512/?url=https%3A%2F%2Fwww.entertainmentnz.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1766641107&sscte=1&crd=&is_vtc=1&ocp_id=iiffYtTdG9XJx_APuOSu8AY&random=3097993258 HTTP 302
• https://www.google.de/pagead/1p-conversion/457430512/?url=https%3A%2F%2Fwww.entertainmentnz.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1766641107&sscte=1&crd=&is_vtc=1&ocp_id=iiffYtTdG9XJx_APuOSu8AY&random=3097993258&ipr=y&prhg=0

Request Chain 86

• https://t.cfjump.com/tag/77291 HTTP 302
• https://cfjump.entertainment.com.au/tag/77291

126 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request promotions Show response www.entertainmentnz.com/	299 KB 52 KB	338ms 59ms	Document text/html	34.251.201.224 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 34.251.201.224 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-34-251-201-224.eu-west-1.compute.amazonaws.com Software openresty / Resource Hash 2824a876a6a2a50ba9b5bf39d17b1fe8c75c2a717c480b5f16e4c9ff2679a693 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 37411 content-encoding gzip content-length 52644 content-type text/html date Mon, 25 Jul 2022 23:30:14 GMT server openresty vary x-wf-forwarded-proto, Accept-Encoding via 1.1 varnish, 1.1 varnish x-cache HIT, HIT x-cache-hits 1, 1 x-cluster-name eu-west-1-prod-edge-blue x-lambda-id 15e89d43-351b-412d-b4d4-b6a2ea89df79 x-served-by cache-iad-kiad7000154-IAD, cache-dub4347-DUB x-timer S1658791814.346492,VS0,VE1
GET H2	200	fs-entertainment.119295a63.css assets-global.website-files.com/5f76447a9c67b65c8943a118/css/	245 KB 32 KB	68ms 9ms	Stylesheet text/css	2600:9000:2490:400:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/5f76447a9c67b65c8943a118/css/fs-entertainment.119295a63.css Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash f0bc17c10ac65d7a7b041df39de2d930b2f30d89bf2020da9faa0d33c5afde70 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 05:16:18 GMT content-encoding gzip age 65637 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 32616 via 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront) last-modified Wed, 06 Jul 2022 21:51:47 GMT server AmazonS3 etag "d874638ca569b243bdd56eb7b610057f" x-amz-version-id sOYJwbJlOHjfVjz_MRuoDUFJgLpF6rP4 access-control-allow-origin * cache-control max-age=84600, must-revalidate x-amz-cf-pop FRA56-P6 accept-ranges bytes content-type text/css x-amz-cf-id ShgEv8OBth8Ux4DYz65gSZnOpKDTLJU-ljd9UxhS0Vch_vEqgyin6w==
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.6.26/	13 KB 6 KB	118ms 35ms	Script text/javascript	2a00:1450:4001:827::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 18:34:23 GMT content-encoding gzip x-content-type-options nosniff age 17751 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5437 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 25 Jul 2023 18:34:23 GMT
GET H2	200	api.js Show response www.google.com/recaptcha/	850 B 970 B	122ms 35ms	Script text/javascript	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash bb20f2bd22fd57615fb848f5ec91d2652028d683111c2023be956d689c865e42 Security Headers Name Value Content-Security-Policy frame-ancestors 'self' X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:14 GMT content-encoding gzip x-content-type-options nosniff server GSE x-frame-options SAMEORIGIN content-type text/javascript; charset=UTF-8 cache-control private, max-age=300 cross-origin-resource-policy cross-origin content-security-policy frame-ancestors 'self' alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 557 x-xss-protection 1; mode=block expires Mon, 25 Jul 2022 23:30:14 GMT
GET H2	200	runtime.min.js Show response cdn.jsdelivr.net/npm/regenerator-runtime@0.13.9/	7 KB 3 KB	40ms 14ms	Script application/javascript	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/regenerator-runtime@0.13.9/runtime.min.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6b1ff87b9f2bd4d7a3a95b21b68cba8db293658f4eb4f0e9c7cd4f2add04d029 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:14 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 10936701 x-jsd-version 0.13.9 x-cache HIT cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains; preload alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19153-FRA timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"1ae3-ibe1HprTKwRP7P1b6jzPCqQJUrE" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mr4UEaay1oy5eTo%2B93M4xN7e8vpkUk0e3Dt6wehwHS1Hw0dPKykLmwAqw1WtXD%2BaZi3FTBlkGJPQFcySNjxJZ5VEXzuHhLsUTReNBSiNnGVWaN69jCBwJ3%2B1okv7CrI6JvzPHUQXsQ3GX56t%2FZ4%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=31536000, s-maxage=31536000, immutable cf-ray 7308aea83e43995c-FRA
GET H2	200	MetaPixel.js Show response cdn.jsdelivr.net/npm/@entertainmentwebflow/login-entertainment@1/dist/utils/	835 B 826 B	412ms 386ms	Script application/javascript	2606:4700::6810:5814 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/@entertainmentwebflow/login-entertainment@1/dist/utils/MetaPixel.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4521591756b7f5f27e37ab2e3479da305118a394d9368dba7a374910b5372475 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:14 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} x-jsd-version 1.0.6 x-cache HIT, MISS cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 x-served-by cache-fra19149-FRA, cache-iad-kiad7000093-IAD timing-allow-origin * x-jsd-version-type version server cloudflare etag W/"343-9aitmw60+jTfUOkaGlu3Iv2drEs" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkmJbBn0FbrpqJl3svsBSvL7oOWsu650i8Otx2WJnWlg2cHJHkh4O%2F5GH%2BjxW0BLJkafXXGVz7%2FaEKCNd%2F8p7wvyA9s%2FF8%2B4bs6SFmx9V6HQzkEn621odvn27n3t%2FUIFfTWAzQz4Rk%2FceE%2BTFPU%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=604800, s-maxage=43200 cf-ray 7308aea84e44995c-FRA access-control-expose-headers *
GET H2	200	jquery-3.5.1.min.dc5e7f18c8.js Show response d3e54v103j8qbb.cloudfront.net/js/	87 KB 31 KB	36ms 9ms	Script application/javascript	52.222.232.99 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5f76447a9c67b65c8943a118 Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.222.232.99 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-52-222-232-99.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Referer https://www.entertainmentnz.com/ Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 06:25:45 GMT content-encoding gzip vary Accept-Encoding age 61495 x-cache Hit from cloudfront access-control-allow-origin * last-modified Mon, 20 Jul 2020 17:53:02 GMT server AmazonS3 etag W/"dc5e7f18c8d36ac1d3d4753a87c98d0a" access-control-max-age 3000 access-control-allow-methods GET content-type application/javascript via 1.1 f8f9f25f837c0ce4e62b6d917642b56a.cloudfront.net (CloudFront) cache-control max-age=84600, must-revalidate x-amz-cf-pop FRA56-P4 x-amz-cf-id PjWSMT-_C4AXpzXFPbBlD30QMrwl9Jsf3ItoeIjdRQqUhRGkKe--3w==
GET H2	200	fs-entertainment.998619a8b.js Show response assets-global.website-files.com/5f76447a9c67b65c8943a118/js/	680 KB 155 KB	35ms 16ms	Script text/javascript	2600:9000:2490:400:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/5f76447a9c67b65c8943a118/js/fs-entertainment.998619a8b.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 512dc7f30f14a491cef34da8d0eea904e3b05ae219fffe11c36953a3bb3fd42b Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 04:58:40 GMT content-encoding gzip age 66695 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 157684 via 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront) last-modified Wed, 06 Jul 2022 21:51:48 GMT server AmazonS3 etag "0c91370513bede73fbe5a5e34be29456" x-amz-version-id kxFfGtjAlpDQ4WcenaD2Nw5AmGvYC5IP access-control-allow-origin * cache-control max-age=84600, must-revalidate x-amz-cf-pop FRA56-P6 accept-ranges bytes content-type text/javascript x-amz-cf-id VEiIEqcUnzt0q0AYnl1siiYqnD7edTT0NzOZvwu-F770igyUFSbatw==
GET H2	200	css fonts.googleapis.com/	6 KB 1 KB	123ms 38ms	Stylesheet text/css	2a00:1450:4001:82a::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:regular,500,700 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7099b0a5636275b29bf77167ad5d60c566b1162e67cb1fe6e790a82a4cf9e791 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Mon, 25 Jul 2022 23:30:14 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Mon, 25 Jul 2022 23:30:14 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 25 Jul 2022 23:30:14 GMT
GET H2	200	recaptcha__de.js Show response www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/	365 KB 145 KB	129ms 38ms	Script text/javascript	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/recaptcha/releases/CHIHFAf1bjFPOjwwi5Xa4cWR/recaptcha__de.js Requested by Host: www.google.com URL: https://www.google.com/recaptcha/api.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 64d2c94f105aa89f733e51b81c045de674b47325ef4f04526ec9bb632c44fd91 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.entertainmentnz.com/ Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 15:40:36 GMT content-encoding gzip x-content-type-options nosniff age 28178 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 147954 x-xss-protection 0 last-modified Mon, 18 Jul 2022 04:01:20 GMT server sffe cross-origin-opener-policy same-origin-allow-popups; report-to="recaptcha" vary Accept-Encoding report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 25 Jul 2023 15:40:36 GMT
GET H2	200	mcards.esm.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	11 KB 3 KB	405ms 331ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/mcards.esm.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 12a6ea700c85610a0100fc520cf12fc80b76514332d4ab388c03b513deb27a49 Request headers Referer https://www.entertainmentnz.com/ Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:15 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"d0cfe5ed0b9d18999be8e6aea6645093" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id R0QKAoqvQQcAx54_PZeoWX64vQGvQnNqSs2lDZL7vV5ufJm1msC8mQ== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)
GET H2	200	buy-bucks.esm.js Show response production.d1c8he8zul0rg4.amplifyapp.com/build/	526 B 942 B	381ms 321ms	Script application/javascript	18.66.248.12 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.12 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-12.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 8ef34e1afdd36e60a0725fd35229ed9d08a76170dbab5c7e0c21cb75887776e4 Request headers Referer https://www.entertainmentnz.com/ Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:15 GMT via 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront) last-modified Thu, 28 Oct 2021 21:58:02 GMT server AmazonS3 x-amz-cf-pop DUS51-P1 etag "3eeb3ecf2912566c84eaeb2e7ae3592e" x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 accept-ranges bytes content-length 526 x-amz-cf-id dimVRjX3d0UxEJWiwX4HsoyXAdI3FlEHRhZ6uvY4hUpwUTm2AVQNMQ==
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	147ms 38ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:regular,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 21 Jul 2022 08:01:51 GMT x-content-type-options nosniff age 401303 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 21 Jul 2023 08:01:51 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	16 KB 16 KB	149ms 40ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:regular,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 20 Jul 2022 20:10:25 GMT x-content-type-options nosniff age 443989 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 20 Jul 2023 20:10:25 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	157ms 49ms	Font font/woff2	2a00:1450:4001:80e::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:regular,500,700 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Wed, 20 Jul 2022 08:44:49 GMT x-content-type-options nosniff age 485125 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 20 Jul 2023 08:44:49 GMT
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	98 KB 26 KB	37ms 8ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash ae31d2c42bca396f9ad140594890b16f599b6cd8f36c809adac8ebd5eb45b2e5 Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 content-length 26093 x-xss-protection 0 pragma public x-fb-debug 4yyeIYoxvAJBQDBVkZMBlfvyKUKOttYCZK0ke2ptnk9xXMkDhoslj7LRx+coqyHPwQbXfbtVncv3/5xYJ4sKwQ== x-fb-trip-id 2050670934 x-frame-options DENY date Mon, 25 Jul 2022 23:30:14 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	60248f5e97a4d24864ec1ec1_Entertainment_Brandmark_RGB_Clementine.svg assets-global.website-files.com/5f76447a9c67b65c8943a118/	4 KB 2 KB	10ms 9ms	Image image/svg+xml	2600:9000:2490:400:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/5f76447a9c67b65c8943a118/60248f5e97a4d24864ec1ec1_Entertainment_Brandmark_RGB_Clementine.svg Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c59053fc74c5445511b760879dc3169aed98d3cebe60b407fd2257fc73434d91 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 02 Dec 2021 11:50:24 GMT content-encoding gzip age 20345990 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront via 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront) last-modified Thu, 11 Feb 2021 02:38:49 GMT server AmazonS3 etag W/"f75814f522d6ef901c6e7adaab218589" vary Accept-Encoding x-amz-version-id QSN_yCDOBbAdCIeNNNkNodx8G3TBqBHA access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-pop FRA56-P6 content-type image/svg+xml x-amz-cf-id _ot08iGX-6cTUIjpTZG217kjyMeThYIZhjJkYkqXLlSxZuu6Dx75ig==
GET H2	200	5f8dd232beec0bf08e5cdac5_lottieflow-menu-nav-09-000000-easey.json Show response assets-global.website-files.com/5f76447a9c67b65c8943a118/	6 KB 1 KB	26ms 11ms	XHR application/json	2600:9000:2490:400:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://assets-global.website-files.com/5f76447a9c67b65c8943a118/5f8dd232beec0bf08e5cdac5_lottieflow-menu-nav-09-000000-easey.json Requested by Host: assets-global.website-files.com URL: https://assets-global.website-files.com/5f76447a9c67b65c8943a118/js/fs-entertainment.998619a8b.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e8106675d0ac73f3816d3923e909a6aad9edbf246c40db5e5db675d8016fd0da Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 13 Jun 2022 12:07:13 GMT content-encoding gzip age 3669782 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront via 1.1 dc85053069397a282d87170bb1bcab4a.cloudfront.net (CloudFront) last-modified Mon, 19 Oct 2020 17:51:48 GMT server AmazonS3 etag W/"242ac1c7cfaef26d04e21021dc8d78cb" vary Accept-Encoding x-amz-version-id zQ5Jnnbz_M8DPkWzRXj2Y36tEMesG2bf access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-pop FRA56-P6 content-type application/json x-amz-cf-id rs2QUQjx01n5M2Rpm0uPNt_uqp1646AZfxbbdcltr3JYhQgnHMvkXQ==
GET H2	200	swiper-bundle.min.js Show response cdnjs.cloudflare.com/ajax/libs/Swiper/6.7.5/	142 KB 33 KB	54ms 22ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/Swiper/6.7.5/swiper-bundle.min.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 49bdb416c95b403ea89b3d54853b9b6f26000bf66e45e6ff19b1186e8aeeecf9 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:15 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 447422 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 33634 timing-allow-origin * last-modified Thu, 01 Jul 2021 15:06:31 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "60ddd9f7-8362" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNN1ALnjOEuDa9Dwe8FZ6mzQLrVCvChy2KQYpBObPinvJT8NDX%2BidjMab4B3kXwnxTSqI%2FNWvzpt0Bh52G2TOt0qhwYdfxOSq7qwsAOCFWZL3cf8vl%2FPlSeJIMiAqRWoPiI%2FpoUr1QlboOlAQJPDh3jw"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 7308aeabb88b913a-FRA expires Sat, 15 Jul 2023 23:30:15 GMT
GET H2	200	swiper-bundle.css cdnjs.cloudflare.com/ajax/libs/Swiper/6.7.5/	16 KB 4 KB	51ms 19ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/Swiper/6.7.5/swiper-bundle.css Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cbcf80e5cd1d6d67ecce45dac7c53b861a46cd7546e51ce80a74e7c234935a90 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:14 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 5293344 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 3814 timing-allow-origin * last-modified Thu, 01 Jul 2021 15:06:31 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "60ddd9f7-ee6" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IILDdOzMjW3Ra%2BGv09sYIHkQX2fk68hLp5yCyApoqMoo165dmDltvGogWerlh163Zt04KN9q0NaTWK7nUxu4ncbI0M0PeDTkcM9ilpucbZNm%2Bpc9Np107cWMqU3GVEta2VLn5mNx76jQgqqmJg0riwUJ"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 7308aeabb889913a-FRA expires Sat, 15 Jul 2023 23:30:14 GMT
GET H2	200	60249b09ee606652e106126d_Entertainment_Symbol_RGB_Ivory%20(4).svg assets-global.website-files.com/5f76447a9c67b65c8943a118/	1014 B 1000 B	14ms 13ms	Image image/svg+xml	2600:9000:2490:400:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/5f76447a9c67b65c8943a118/60249b09ee606652e106126d_Entertainment_Symbol_RGB_Ivory%20(4).svg Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c51bbeda26a7ced47172db784c8330d359b6183a83c4778f5063f0d0141a2a6d Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sat, 04 Jun 2022 07:08:09 GMT content-encoding gzip age 4465326 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront via 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront) last-modified Thu, 11 Feb 2021 02:48:43 GMT server AmazonS3 etag W/"009986946f6194add9c329a218e45b3b" vary Accept-Encoding x-amz-version-id PRNi853Dg6oM8wH83EYWbXXo7PAtjUiX access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-pop FRA56-P6 content-type image/svg+xml x-amz-cf-id nX7PVsIJBTI6w3fDOC7QI60g71SosxwjY5YpMIx1ww2YidncM1FVPw==
GET H2	200	5f7f8b2863914a6e22506be6_apple-store-icon-png-free-download-fourjayorg-app-store-icon-png-1000_736%201.svg assets-global.website-files.com/5f76447a9c67b65c8943a118/	135 KB 101 KB	11ms 9ms	Image image/svg+xml	2600:9000:2490:400:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/5f76447a9c67b65c8943a118/5f7f8b2863914a6e22506be6_apple-store-icon-png-free-download-fourjayorg-app-store-icon-png-1000_736%201.svg Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash c533bdc41028c574a5282857d4e9b77d8b497f3bb62156936ff0a2125a6ac426 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 05 Jun 2022 05:56:06 GMT content-encoding gzip age 4383249 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront via 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront) last-modified Thu, 08 Oct 2020 21:56:59 GMT server AmazonS3 etag W/"d693a3a2fa0378346cb7d31b2db7cd78" vary Accept-Encoding x-amz-version-id aQUb1uvBqC7d_kjA4qKo8aopkVVkOCMi access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-pop FRA56-P6 content-type image/svg+xml x-amz-cf-id y5wAest66bSuF8l_hMN1EFTC1czGeWZqYp0FLz6R2SxBn2F_XEt2Iw==
GET H2	200	5f7f8b28d2ad9ce1f95d7de1_apple-store-icon-png-free-download-fourjayorg-app-store-icon-png-1000_736%202.svg assets-global.website-files.com/5f76447a9c67b65c8943a118/	135 KB 101 KB	15ms 14ms	Image image/svg+xml	2600:9000:2490:400:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/5f76447a9c67b65c8943a118/5f7f8b28d2ad9ce1f95d7de1_apple-store-icon-png-free-download-fourjayorg-app-store-icon-png-1000_736%202.svg Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 79b3f9988f8c27e8425dd9514e00f3ce0d04873c255045277e414f7d77e9c41d Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 05 Jun 2022 05:56:06 GMT content-encoding gzip age 4383249 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront via 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront) last-modified Thu, 08 Oct 2020 21:56:59 GMT server AmazonS3 etag W/"d57f4afaeb2f4c87b7b8d89cde718bdf" vary Accept-Encoding x-amz-version-id L_q1il1yLG5zI5VsYsdIZtSVfnvI..zr access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-pop FRA56-P6 content-type image/svg+xml x-amz-cf-id ib9oabXAsZ_S4q5rmN-owQpXDAlVogcjGeH0vBtYhB_Xah9X5UtbOA==
GET H2	200	62344cfaa844c533bb69db47_linkedin.svg assets-global.website-files.com/5f76447a9c67b65c8943a118/	1023 B 1015 B	14ms 13ms	Image image/svg+xml	2600:9000:2490:400:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/5f76447a9c67b65c8943a118/62344cfaa844c533bb69db47_linkedin.svg Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6764142d9c3a1781f5f671b90f86309699f21474015b47c7496856a0f8984b7b Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 23 May 2022 04:10:00 GMT content-encoding gzip age 5512815 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront via 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront) last-modified Fri, 18 Mar 2022 09:12:29 GMT server AmazonS3 etag W/"52f6f8cae921a0e1909d7292fb6ecb90" vary Accept-Encoding x-amz-version-id j1r7ljKcxyfwk2Ss3srmI0zakb4413v7 access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-pop FRA56-P6 content-type image/svg+xml x-amz-cf-id 7Wa1nI_pkTnchuPjQ4fDMVZfWWTdqPvOWUvXj7onuhh1hjHxG2ymyA==
GET H2	200	5ffc37d66679671acb688bb2_Group%202775.svg assets-global.website-files.com/5f76447a9c67b65c8943a118/	491 B 951 B	19ms 17ms	Image image/svg+xml	2600:9000:2490:400:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/5f76447a9c67b65c8943a118/5ffc37d66679671acb688bb2_Group%202775.svg Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 05ca14456fb1cc55d71b914eb61959869cfb58468165e0e7bde8453f26752ab4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 30 Aug 2021 02:15:00 GMT via 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront) age 28502114 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront content-length 491 last-modified Mon, 11 Jan 2021 11:34:48 GMT server AmazonS3 etag "930d3491a299779a84bce0bbf65d7e74" x-amz-version-id Z86NCY1wlza1i4my4pPR46aKFr1Y._GS access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-pop FRA56-P6 accept-ranges bytes content-type image/svg+xml x-amz-cf-id yMbrbvI2ffoJVwoluoMHuVQdB-Gha-ISRZj2978zoFglsYlTQG6Alw==
GET H2	200	5ffc37d7c4f51947f6ef8bf4_Group%202774.svg assets-global.website-files.com/5f76447a9c67b65c8943a118/	2 KB 1 KB	17ms 16ms	Image image/svg+xml	2600:9000:2490:400:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/5f76447a9c67b65c8943a118/5ffc37d7c4f51947f6ef8bf4_Group%202774.svg Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 599b8d5964ab674de192fc6d59051c97d3d5d1ec76f449cea4782a3b5c9d7f40 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sat, 04 Jun 2022 07:08:09 GMT content-encoding gzip age 4465326 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront via 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront) last-modified Mon, 11 Jan 2021 11:34:49 GMT server AmazonS3 etag W/"98e20c51ff16efda126b903deb13bf02" vary Accept-Encoding x-amz-version-id LbHkVwDBbk2ZgGsdDhLMrswO2MQaJCp3 access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-pop FRA56-P6 content-type image/svg+xml x-amz-cf-id UgS6iUCkwDTItUzvmgjDAuNcrtjVCWKr4v-SEhXncpcF4-3Edj7Ouw==
GET H2	200	5ffc37d6e0aab6e75e28748d_Group%202773.svg assets-global.website-files.com/5f76447a9c67b65c8943a118/	435 KB 329 KB	19ms 18ms	Image image/svg+xml	2600:9000:2490:400:12:9e5f:cac0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://assets-global.website-files.com/5f76447a9c67b65c8943a118/5ffc37d6e0aab6e75e28748d_Group%202773.svg Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:2490:400:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 953e897630797f724af343a97e9fe4a58ff062fa7c99b4d0eacaebb9b0346f17 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Sun, 05 Jun 2022 18:28:38 GMT content-encoding gzip age 4338097 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront via 1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront) last-modified Mon, 11 Jan 2021 11:34:48 GMT server AmazonS3 etag W/"1e340a8a60172ac3d1752ff80fe16d2c" vary Accept-Encoding x-amz-version-id WfY__UT9ilK9B_1A7QmG1UU_LbvxtBwD access-control-allow-origin * cache-control max-age=31536000, must-revalidate x-amz-cf-pop FRA56-P6 content-type image/svg+xml x-amz-cf-id 0TVIBRCArpoDXbk47rDqN-MzPKivrGY7QwJeWhajiO2tzdKs74ZoKw==
GET H2	200	554706209398023 Show response connect.facebook.net/signals/config/	292 KB 84 KB	104ms 102ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/554706209398023?v=2.9.66&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash d287eaa4b14246a2418669fee210b3acd4c76ab9fae0e53c69eaaf7ee6af324c Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true} cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug CJ7EX3WDoAVrrynM7zPT2ALrZFYPtfYCo02EJVbI2/wJHyPuFIo383vBwxIeotgYmhTI2XDkPnOgdST6Zym3fA== x-fb-trip-id 2050670934 cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 25 Jul 2022 23:30:15 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1658791815093 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	p-8a963eca.js Show response production.d1c8he8zul0rg4.amplifyapp.com/build/	8 KB 4 KB	331ms 330ms	Script application/javascript	18.66.248.12 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d1c8he8zul0rg4.amplifyapp.com/build/p-8a963eca.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.12 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-12.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 971e9145de6ee57ca101f5d91225877adb3a2a189f8eceb2376d6fc480ba96eb Request headers Referer https://production.d1c8he8zul0rg4.amplifyapp.com/build/buy-bucks.esm.js Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:16 GMT content-encoding gzip last-modified Thu, 28 Oct 2021 21:58:02 GMT server AmazonS3 x-amz-cf-pop DUS51-P1 etag W/"57bc168c37a9ed7c153387f2e4685e73" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id lQR7I5H3r2z0hbCa9uw47QDhcPqGtiGHErVO9wUMc9xPm1dP5MpybA== via 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
GET H2	200	p-5af1e942.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	11 KB 6 KB	339ms 339ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-5af1e942.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash eee160fca2b5b7a3194d85d43afa466950cd7180b3b16ff916595e933deb2584 Request headers Referer https://production.d3qm5vhwmy3twi.amplifyapp.com/build/mcards.esm.js Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:16 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"849e804f3880c68ce3b7c68e3b08abe4" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id AENkQVnTTp5Ex7jB3otUisK5wbzoZsOGoF3tAoy16X1bEN9CgagyKA== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)
GET H2	200	p-9e2c02ec.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	5 KB 3 KB	399ms 398ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-9e2c02ec.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash c0ea4a1a67eae79e4864475786604b455122bac9beca1d1985b9a5f8d5c01825 Request headers Referer https://production.d3qm5vhwmy3twi.amplifyapp.com/build/mcards.esm.js Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:16 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"b96bb764f1a1c7acb0f45d2722bda893" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id hYSR6DfqBOAUG5VwVyofa0T2T2e8zJ2bTw4kBBAZuGX4qJxVFeHYXA== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)
GET H2	200	p-417a9c1c.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	1 KB 994 B	1109ms 1109ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-417a9c1c.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash c4b2d0f39e375af24ead28fb6a83846beaab2c5712451556cfaf2918406149cd Request headers Referer https://production.d3qm5vhwmy3twi.amplifyapp.com/build/mcards.esm.js Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:16 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"9a4d3589a21ac414d033a2b7a110351e" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id 1aLf7TI2ESrrok6ecxvEijjRpbx3gY5EeBj3keioM7IN6bwEY5q_eA== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)
GET H2	200	/ www.facebook.com/tr/	44 B 297 B	33ms 8ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=554706209398023&ev=PageView&dl=https%3A%2F%2Fwww.entertainmentnz.com%2Fpromotions&rl=&if=false&ts=1658791812833&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.1.1658791812831.1395847930&it=1658791812702&coo=false&rqm=GET Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:15 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 44 expires Mon, 25 Jul 2022 23:30:15 GMT
GET H2	200	p-81adc136.entry.js Show response production.d1c8he8zul0rg4.amplifyapp.com/build/	6 KB 3 KB	351ms 350ms	Script application/javascript	18.66.248.12 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d1c8he8zul0rg4.amplifyapp.com/build/p-81adc136.entry.js Requested by Host: production.d1c8he8zul0rg4.amplifyapp.com URL: https://production.d1c8he8zul0rg4.amplifyapp.com/build/p-8a963eca.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.12 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-12.dus51.r.cloudfront.net Software AmazonS3 / Resource Hash 6f73c19b0ba2cc3fde0bcf8c81b852a9663f0c153531a1035e0195ddc660d74f Request headers Referer https://www.entertainmentnz.com/ Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:16 GMT content-encoding gzip last-modified Thu, 28 Oct 2021 21:58:02 GMT server AmazonS3 x-amz-cf-pop DUS51-P1 etag W/"cab07100f92cfadb26ed152101158df2" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id c_mA8teg1dmwIht53JuZ1UBzOo2rnA5NvG3DvMhoVjVMmfmGQwj5Pw== via 1.1 57b1c45cee24c7bbeb8b5420d5868740.cloudfront.net (CloudFront)
GET H3	200	/ www.facebook.com/tr/	44 B 91 B	19ms 7ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=554706209398023&ev=Microdata&dl=https%3A%2F%2Fwww.entertainmentnz.com%2Fpromotions&rl=&if=false&ts=1658791813340&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Promotions%22%2C%22meta%3Adescription%22%3A%22Joining%20our%20Entertainment%20Membership%20during%20a%20promotional%20period%3F%20Here%20you%20will%20find%20out%20everything%20you%20need%20to%20know%20about%20our%20Promotions%2C%20Competitions%20and%20Bonus%20Offers.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Promotions%22%2C%22og%3Adescription%22%3A%22Joining%20our%20Entertainment%20Membership%20during%20a%20promotional%20period%3F%20Here%20you%20will%20find%20out%20everything%20you%20need%20to%20know%20about%20our%20Promotions%2C%20Competitions%20and%20Bonus%20Offers.%22%2C%22twitter%3Atitle%22%3A%22Promotions%22%2C%22twitter%3Adescription%22%3A%22Joining%20our%20Entertainment%20Membership%20during%20a%20promotional%20period%3F%20Here%20you%20will%20find%20out%20everything%20you%20need%20to%20know%20about%20our%20Promotions%2C%20Competitions%20and%20Bonus%20Offers.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.66&r=stable&ec=1&o=30&fbp=fb.1.1658791812831.1395847930&it=1658791812702&coo=false&es=automatic&tm=3&rqm=GET Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:15 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Mon, 25 Jul 2022 23:30:15 GMT
GET H2	200	/ Show response subscription-widget-production.mcards.com/ Frame 4875	2 KB 1 KB	562ms 302ms	Document text/html	2600:9000:225e:fe00:11:6e9c:ebc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site Requested by Host: production.d1c8he8zul0rg4.amplifyapp.com URL: https://production.d1c8he8zul0rg4.amplifyapp.com/build/p-8a963eca.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:fe00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 8cbc1418ed91b5f277e43ce7edeb961bdfea92fa8ca8e5e4618af57cd69e05cb Request headers Referer https://www.entertainmentnz.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control public, max-age=0, s-maxage=2 content-encoding gzip content-type text/html date Mon, 25 Jul 2022 23:30:17 GMT etag W/"5b58bdec0900753efe8a1884434a7597" last-modified Thu, 14 Oct 2021 05:30:10 GMT server AmazonS3 vary Accept-Encoding via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) x-amz-cf-id ohaduwH-otKWYuj5EbLP2riFnjnQnymbyr-hKFzXmy7KAvUkCGr0Hg== x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 x-cache RefreshHit from cloudfront
GET H2	200	4eab7e1a35b05799a943.css subscription-widget-production.mcards.com/_next/static/css/ Frame 4875	1 KB 992 B	322ms 321ms	Stylesheet text/css	2600:9000:225e:fe00:11:6e9c:ebc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://subscription-widget-production.mcards.com/_next/static/css/4eab7e1a35b05799a943.css Requested by Host: subscription-widget-production.mcards.com URL: https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:fe00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash af289d250a1a030d3c3f21403a59ee1ba3e31d555836cdfd95404fe69113d59a Request headers accept-language de-DE,de;q=0.9 Referer https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:17 GMT content-encoding gzip etag W/"09bc752b94ae0f696d6fcc27ea214f75" last-modified Thu, 14 Oct 2021 05:30:10 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type text/css via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) cache-control public, max-age=0, s-maxage=2 x-amz-cf-id XL95bre2Ufb3ZNvprHrkFPDak8Wm-2s7XWi2PkNh_o3QltkSMnXF3A==
GET H2	200	2d26125f51f12d19cac8.css subscription-widget-production.mcards.com/_next/static/css/ Frame 4875	11 KB 3 KB	310ms 309ms	Stylesheet text/css	2600:9000:225e:fe00:11:6e9c:ebc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://subscription-widget-production.mcards.com/_next/static/css/2d26125f51f12d19cac8.css Requested by Host: subscription-widget-production.mcards.com URL: https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:fe00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 03f955967701b1998570e529f1015b0de22c64f983593d41432b419a6325aec5 Request headers accept-language de-DE,de;q=0.9 Referer https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:17 GMT content-encoding gzip etag W/"42a7c2424adeeeb832b5b4c541c2505d" last-modified Thu, 14 Oct 2021 05:30:10 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type text/css via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) cache-control public, max-age=0, s-maxage=2 x-amz-cf-id 5nPNACHBg43TbBwuoto5WhYLjoHQb2braXiH9AE0lkQHSRcZ61I9Xg==
GET H2	200	webpack-6aa24242c38afc8913a0.js Show response subscription-widget-production.mcards.com/_next/static/chunks/ Frame 4875	2 KB 1 KB	331ms 329ms	Script application/javascript	2600:9000:225e:fe00:11:6e9c:ebc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://subscription-widget-production.mcards.com/_next/static/chunks/webpack-6aa24242c38afc8913a0.js Requested by Host: subscription-widget-production.mcards.com URL: https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:fe00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 0c22946ebb9e24114fb8752b04feda60369a45edd8a60166b36acf768cc6cbf8 Request headers accept-language de-DE,de;q=0.9 Referer https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:17 GMT content-encoding gzip etag W/"c35e23c90e69a681e40eab49ab6a5c27" last-modified Thu, 14 Oct 2021 05:30:10 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) cache-control public, max-age=0, s-maxage=2 x-amz-cf-id vbvWtv76g39b5_SjTCfu7waO9SDvo_PI2Sqb8Nd7Fs-FowPQCsLquQ==
GET H2	200	framework-2191d16384373197bc0a.js Show response subscription-widget-production.mcards.com/_next/static/chunks/ Frame 4875	128 KB 42 KB	346ms 344ms	Script application/javascript	2600:9000:225e:fe00:11:6e9c:ebc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://subscription-widget-production.mcards.com/_next/static/chunks/framework-2191d16384373197bc0a.js Requested by Host: subscription-widget-production.mcards.com URL: https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:fe00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 846ebae4909cae3822f281adf6a0e47b459f90e7984381fcc91e42432df4791d Request headers accept-language de-DE,de;q=0.9 Referer https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:17 GMT content-encoding gzip etag W/"ebfa7545bbc0cb03aa824de5bb5defe6" last-modified Thu, 14 Oct 2021 05:30:10 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) cache-control public, max-age=0, s-maxage=2 x-amz-cf-id dWDqut81D9-3cO5zEuMv-lO6HVSthb-mINQjpARVleYZGT9Gmj0iXQ==
GET H2	200	main-4777350f2a9ff73ea2b0.js Show response subscription-widget-production.mcards.com/_next/static/chunks/ Frame 4875	61 KB 20 KB	326ms 324ms	Script application/javascript	2600:9000:225e:fe00:11:6e9c:ebc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://subscription-widget-production.mcards.com/_next/static/chunks/main-4777350f2a9ff73ea2b0.js Requested by Host: subscription-widget-production.mcards.com URL: https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:fe00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4aa5ae0a97091a46bc9260aeadf21a2b8dc06cb3505abe20efe3e01e1aaa3972 Request headers accept-language de-DE,de;q=0.9 Referer https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:17 GMT content-encoding gzip etag W/"a0608d5f26ca0ad68d2ca131777d310b" last-modified Thu, 14 Oct 2021 05:30:10 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) cache-control public, max-age=0, s-maxage=2 x-amz-cf-id 0ed7rJppm5KfJQzH-TeDtC9Veijru-QElmuD-I4BL3hmNs-5vEOsyA==
GET H2	200	_app-345ed16f78cb7abc2745.js Show response subscription-widget-production.mcards.com/_next/static/chunks/pages/ Frame 4875	54 KB 18 KB	321ms 320ms	Script application/javascript	2600:9000:225e:fe00:11:6e9c:ebc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://subscription-widget-production.mcards.com/_next/static/chunks/pages/_app-345ed16f78cb7abc2745.js Requested by Host: subscription-widget-production.mcards.com URL: https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:fe00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash b5c5c600058a2e5364ad11c47c2332e6deb14b8dc5998d2f6743e3ab0af5fcad Request headers accept-language de-DE,de;q=0.9 Referer https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:17 GMT content-encoding gzip etag W/"810ca5890ca1ed35009cd82a4c1513bf" last-modified Thu, 14 Oct 2021 05:30:10 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) cache-control public, max-age=0, s-maxage=2 x-amz-cf-id 3St381eG4jUEHOpWk7ZhZksTtLigfqeTA5Zm_w97vyjASlQ1tc1kIA==
GET H2	200	390-a9d7adf84c64ec700da6.js Show response subscription-widget-production.mcards.com/_next/static/chunks/ Frame 4875	37 KB 13 KB	324ms 323ms	Script application/javascript	2600:9000:225e:fe00:11:6e9c:ebc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://subscription-widget-production.mcards.com/_next/static/chunks/390-a9d7adf84c64ec700da6.js Requested by Host: subscription-widget-production.mcards.com URL: https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:fe00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 7292ee6c2be415bb2ccc542037c7bf5cc60e2a347db8ef038a479cdc5ee063be Request headers accept-language de-DE,de;q=0.9 Referer https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:17 GMT content-encoding gzip etag W/"c5f1d8815e73598e8aae59a332c5022d" last-modified Thu, 14 Oct 2021 05:30:10 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) cache-control public, max-age=0, s-maxage=2 x-amz-cf-id BsG_UE6tiHWQy-gY8BO-_DTKen_Z8xmB-BeLJAC8AK0bOWn22nOWZA==
GET H2	200	329-066cfeef6748ca6f6055.js Show response subscription-widget-production.mcards.com/_next/static/chunks/ Frame 4875	23 KB 7 KB	331ms 330ms	Script application/javascript	2600:9000:225e:fe00:11:6e9c:ebc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://subscription-widget-production.mcards.com/_next/static/chunks/329-066cfeef6748ca6f6055.js Requested by Host: subscription-widget-production.mcards.com URL: https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:fe00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bf47ae1b43a80d14b21381cfb0f43f3bf052d00128ccbda50e2e6f8af9103689 Request headers accept-language de-DE,de;q=0.9 Referer https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:17 GMT content-encoding gzip etag W/"8831fd00713fde0c56ad7116dae3674e" last-modified Thu, 14 Oct 2021 05:30:10 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) cache-control public, max-age=0, s-maxage=2 x-amz-cf-id tLqkK33aw1r5O1rcQlg56gH2lxEGtwqbBo_e3h9b1BSSMicn5Uto8g==
GET H2	200	index-f2c31195d2d593662f10.js Show response subscription-widget-production.mcards.com/_next/static/chunks/pages/ Frame 4875	2 KB 1 KB	332ms 331ms	Script application/javascript	2600:9000:225e:fe00:11:6e9c:ebc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://subscription-widget-production.mcards.com/_next/static/chunks/pages/index-f2c31195d2d593662f10.js Requested by Host: subscription-widget-production.mcards.com URL: https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:fe00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 4ad1d1db9b17704e8fe6ec283dad7d25d1f400865762184908ae96a90282ca78 Request headers accept-language de-DE,de;q=0.9 Referer https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:17 GMT content-encoding gzip etag W/"21959b8390a29e9b8d82f0e24cdb795e" last-modified Thu, 14 Oct 2021 05:30:10 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 x-amz-server-side-encryption AES256 vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) cache-control public, max-age=0, s-maxage=2 x-amz-cf-id AM2460Iy14F7uvb2RNkssXRlHBZv5d5kRtObZs4v1ZRK34CnH_uZeQ==
GET H2	200	_buildManifest.js Show response subscription-widget-production.mcards.com/_next/static/6WEhEV1h5Z48yTD-UnbaM/ Frame 4875	832 B 1 KB	304ms 303ms	Script application/javascript	2600:9000:225e:fe00:11:6e9c:ebc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://subscription-widget-production.mcards.com/_next/static/6WEhEV1h5Z48yTD-UnbaM/_buildManifest.js Requested by Host: subscription-widget-production.mcards.com URL: https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:fe00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6aece8655823de3e3ceb456c93ceb0a8dcdcbb95007c294330ac399856080991 Request headers accept-language de-DE,de;q=0.9 Referer https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:17 GMT via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) last-modified Thu, 14 Oct 2021 05:30:10 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 etag "0c30a26193606706486b16a834825a15" x-cache RefreshHit from cloudfront content-type application/javascript cache-control public, max-age=0, s-maxage=2 accept-ranges bytes content-length 832 x-amz-cf-id VQL78p5F07IajHW73jbXv6bCYkM0aIbeWYZ7051hACQEGhwqJITCow==
GET H2	200	_ssgManifest.js Show response subscription-widget-production.mcards.com/_next/static/6WEhEV1h5Z48yTD-UnbaM/ Frame 4875	77 B 469 B	313ms 313ms	Script application/javascript	2600:9000:225e:fe00:11:6e9c:ebc0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://subscription-widget-production.mcards.com/_next/static/6WEhEV1h5Z48yTD-UnbaM/_ssgManifest.js Requested by Host: subscription-widget-production.mcards.com URL: https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:225e:fe00:11:6e9c:ebc0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Request headers accept-language de-DE,de;q=0.9 Referer https://subscription-widget-production.mcards.com/?type=modal&widgetUuid=160d6330-46f0-0139-fddf-0242ac110003&gtmContainer=site User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:17 GMT via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) last-modified Thu, 14 Oct 2021 05:30:10 GMT server AmazonS3 x-amz-cf-pop FRA60-P4 etag "b6652df95db52feb4daf4eca35380933" x-cache RefreshHit from cloudfront content-type application/javascript cache-control public, max-age=0, s-maxage=2 accept-ranges bytes content-length 77 x-amz-cf-id l6XCh9qtpyQmsW97txD2RmqWaZcKteas1mDTYMwsYnafJT_V6W9Ndw==
GET H2	200	v3 Show response js.stripe.com/ Frame 4875	314 KB 76 KB	75ms 7ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3 Requested by Host: subscription-widget-production.mcards.com URL: https://subscription-widget-production.mcards.com/_next/static/chunks/pages/_app-345ed16f78cb7abc2745.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 6590fb998d8cb921bbfdb58b453a16c1e4b555aa484cdeb9de7983e01987ad1e Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://subscription-widget-production.mcards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff age 57 x-cache HIT content-length 77739 etag "b4d722012babb383fc90d0ee6a87dee3" x-request-id 7e87f776-55fd-4771-9df5-bb5c67466a18 x-served-by cache-hhn4076-HHN access-control-allow-origin * last-modified Mon, 25 Jul 2022 18:41:45 GMT server Fastly date Mon, 25 Jul 2022 23:30:16 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 via 1.1 varnish cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 4
GET H2	200	config Show response app.entertainment.com.au/api/widgets/160d6330-46f0-0139-fddf-0242ac110003/ Frame 4875	1 KB 1 KB	1181ms 303ms	Fetch application/json	3.24.111.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.entertainment.com.au/api/widgets/160d6330-46f0-0139-fddf-0242ac110003/config Requested by Host: subscription-widget-production.mcards.com URL: https://subscription-widget-production.mcards.com/_next/static/chunks/pages/_app-345ed16f78cb7abc2745.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.24.111.92 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-24-111-92.ap-southeast-2.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash ecfd074eaa05b6982f3221a3a14389a071b40ea08a6068e04e1babc1d8a5fd9c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://subscription-widget-production.mcards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:17 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none x-xss-protection 1; mode=block x-request-id 9e33efe1-22de-4a03-b565-4deb8e6af5f5 x-runtime 0.009647 referrer-policy strict-origin-when-cross-origin server nginx/1.18.0 x-frame-options SAMEORIGIN etag W/"ecfd074eaa05b6982f3221a3a14389a0" x-download-options noopen access-control-max-age 1728000 access-control-allow-methods POST, GET, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin https://subscription-widget-production.mcards.com cache-control max-age=0, private, must-revalidate access-control-allow-credentials true access-control-allow-headers Authorization, Origin, Content-Type, Accept, X-Method, X-Marketer-UUID, X-Simulate-User-Id, X-Authorization-JWT, X-Authorization-AccessJWT
GET H2	200	m-outer-b8be770f77fdcca53aef74601585e790.html Show response js.stripe.com/v3/ Frame 33B4	240 B 845 B	7ms 6ms	Document text/html	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/m-outer-b8be770f77fdcca53aef74601585e790.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash d0b0b8cfc42480b7d859e59b8bca9737ffd2b2859436922cf6888ef4f90a520b Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://subscription-widget-production.mcards.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 18366 cache-control max-age=31536000 content-encoding br content-length 141 content-security-policy base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 25 Jul 2022 23:30:16 GMT etag "b8be770f77fdcca53aef74601585e790" last-modified Mon, 25 Jul 2022 18:22:27 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 10219 x-content-type-options nosniff x-request-id 986ad0a3-dc0e-4997-8aa0-31ecda19340c x-served-by cache-hhn4076-HHN
POST H2	200	csp-report q.stripe.com/ Frame 33B4	0 571 B	589ms 214ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 25 Jul 2022 23:30:17 GMT x-content-type-options nosniff x-envoy-upstream-service-time 45 strict-transport-security max-age=63072000; includeSubDomains; preload content-length 0 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame 33B4	0 571 B	545ms 170ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 25 Jul 2022 23:30:17 GMT x-content-type-options nosniff x-envoy-upstream-service-time 1 strict-transport-security max-age=63072000; includeSubDomains; preload content-length 0 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	m-outer-94b09c4e3cc373a453733f672f5a7da9.js Show response js.stripe.com/v3/fingerprinted/js/ Frame 33B4	526 B 384 B	7ms 7ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/m-outer-94b09c4e3cc373a453733f672f5a7da9.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/m-outer-b8be770f77fdcca53aef74601585e790.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/m-outer-b8be770f77fdcca53aef74601585e790.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff age 22 x-cache HIT content-length 256 etag "d96c709017743c0759cf3853d1806ba5" x-request-id 4d35610e-cfd8-4c7a-80b1-05eab2778320 x-served-by cache-hhn4076-HHN access-control-allow-origin * last-modified Mon, 25 Jul 2022 18:22:26 GMT server Fastly date Mon, 25 Jul 2022 23:30:16 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 via 1.1 varnish cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 7
GET H2	200	inner.html Show response m.stripe.network/ Frame C2BB	930 B 1 KB	27ms 7ms	Document text/html	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/inner.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-94b09c4e3cc373a453733f672f5a7da9.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 108 cache-control max-age=300, public content-encoding gzip content-length 527 content-security-policy base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 25 Jul 2022 23:30:16 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload vary Accept-Encoding, Origin via 1.1 varnish x-cache HIT x-cache-hits 40 x-content-type-options nosniff x-request-id 792cfd2c-408e-418e-899b-2cc9f60ef2ef x-served-by cache-hhn4076-HHN x-timer S1658791817.856298,VS0,VE0
POST H2	200	csp-report q.stripe.com/ Frame C2BB	0 345 B	536ms 216ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/csp-report Response headers pragma no-cache date Mon, 25 Jul 2022 23:30:17 GMT referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin strict-transport-security max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload cache-control max-age=0, no-cache, no-store, must-revalidate x-envoy-upstream-service-time 45 x-robots-tag none content-length 0 x-content-type-options nosniff expires 0
GET H2	200	out-4.5.42.js Show response m.stripe.network/ Frame C2BB	86 KB 16 KB	8ms 7ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://m.stripe.network/out-4.5.42.js Requested by Host: m.stripe.network URL: https://m.stripe.network/inner.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://m.stripe.network/inner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff age 257 x-cache HIT content-length 16031 x-request-id b506b934-737a-45d5-96d3-30c4f7e320e0 x-served-by cache-hhn4076-HHN server Fastly x-timer S1658791817.886283,VS0,VE0 date Mon, 25 Jul 2022 23:30:16 GMT vary Accept-Encoding, Origin content-type text/javascript; charset=utf-8 via 1.1 varnish cache-control max-age=300, public accept-ranges bytes x-cache-hits 72
POST H2	200	6 Show response m.stripe.com/ Frame C2BB	156 B 524 B	529ms 173ms	XHR application/json	52.34.194.100 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://m.stripe.com/6 Requested by Host: m.stripe.network URL: https://m.stripe.network/out-4.5.42.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.34.194.100 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-34-194-100.us-west-2.compute.amazonaws.com Software nginx / Resource Hash 65fc6d6cf76a7cbb7c2781944c318995d54370ff139ce5691a9f0ba86ba63759 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://m.stripe.network/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain;charset=UTF-8 Response headers date Mon, 25 Jul 2022 23:30:17 GMT x-content-type-options nosniff server nginx strict-transport-security max-age=31556926; includeSubDomains; preload content-type application/json;charset=utf-8 access-control-allow-origin https://m.stripe.network access-control-allow-credentials true access-control-allow-headers Content-Type content-length 156
GET H2	200	6119e2e0-0c9f-0139-9bff-0242ac110003 Show response app.entertainment.com.au/api/widgets/160d6330-46f0-0139-fddf-0242ac110003/products/ Frame 4875	2 KB 1 KB	304ms 303ms	Fetch application/json	3.24.111.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.entertainment.com.au/api/widgets/160d6330-46f0-0139-fddf-0242ac110003/products/6119e2e0-0c9f-0139-9bff-0242ac110003?include=display Requested by Host: subscription-widget-production.mcards.com URL: https://subscription-widget-production.mcards.com/_next/static/chunks/pages/_app-345ed16f78cb7abc2745.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.24.111.92 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-24-111-92.ap-southeast-2.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash 3dccecb7974e2132d0634ae59eeef3dc6eb6081cc8e0263924bf7fd3e2ac6036 Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://subscription-widget-production.mcards.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:18 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none x-xss-protection 1; mode=block x-request-id 57286213-60fd-4b5f-8f13-f70de4357da5 x-runtime 0.013291 referrer-policy strict-origin-when-cross-origin server nginx/1.18.0 x-frame-options SAMEORIGIN etag W/"3dccecb7974e2132d0634ae59eeef3dc" x-download-options noopen access-control-max-age 1728000 access-control-allow-methods POST, GET, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin https://subscription-widget-production.mcards.com cache-control max-age=0, private, must-revalidate access-control-allow-credentials true access-control-allow-headers Authorization, Origin, Content-Type, Accept, X-Method, X-Marketer-UUID, X-Simulate-User-Id, X-Authorization-JWT, X-Authorization-AccessJWT
GET H2	200	controller-f065ea1c4de6e361c3e793d4d44bd104.html Show response js.stripe.com/v3/ Frame A71A	349 B 1021 B	7ms 6ms	Document text/html	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/controller-f065ea1c4de6e361c3e793d4d44bd104.html Requested by Host: js.stripe.com URL: https://js.stripe.com/v3 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 5956f97e7137cad0c13cd9b113ed18b8c7f1dc0b738dd296fa9eb84628d89076 Security Headers Name Value Content-Security-Policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://subscription-widget-production.mcards.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 16 cache-control max-age=60 content-encoding br content-length 168 content-security-policy base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report content-security-policy-report-only base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report content-type text/html; charset=utf-8 date Mon, 25 Jul 2022 23:30:18 GMT etag "f065ea1c4de6e361c3e793d4d44bd104" last-modified Mon, 25 Jul 2022 18:22:17 GMT server Fastly strict-transport-security max-age=31556926; includeSubDomains; preload timing-allow-origin * vary Accept-Encoding via 1.1 varnish x-cache HIT x-cache-hits 2 x-content-type-options nosniff x-request-id abebc39a-4ef5-49d9-bbce-b462196f3b6c x-served-by cache-hhn4076-HHN
GET H2	200	gtm.js Show response www.googletagmanager.com/	173 KB 63 KB	132ms 37ms	Script application/javascript	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-WTLHNXC Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 77c6b94c07d743427da8299a0d572b0c9ff106acdfc660e5e1a9069f0a000c06 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:18 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 63988 x-xss-protection 0 last-modified Mon, 25 Jul 2022 22:37:33 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 25 Jul 2022 23:30:18 GMT
GET H2	200	ns.html Show response www.googletagmanager.com/ Frame D2D8	471 B 629 B	128ms 35ms	Document text/html	2a00:1450:4001:831::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/ns.html?id=GTM-WTLHNXC Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 756c9716927c79ffa659ce28c10eb406d62828212a87c2ac131e38726752d303 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://www.entertainmentnz.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control no-cache, no-store, must-revalidate content-encoding br content-length 217 content-type text/html; charset=UTF-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 25 Jul 2022 23:30:18 GMT expires Fri, 01 Jan 1990 00:00:00 GMT pragma no-cache server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains vary * x-xss-protection 0
GET H2	200	p-551b2623.entry.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	905 B 1 KB	337ms 336ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-551b2623.entry.js Requested by Host: production.d3qm5vhwmy3twi.amplifyapp.com URL: https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-5af1e942.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash ffbadbd7fc2f1570ad5ac3230cfb89925fa5ba69802f37c134f45fd2218e5b71 Request headers Referer https://www.entertainmentnz.com/ Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:19 GMT via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront) last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag "37b5d1a6553da011c5bd7584ac5f166f" x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 accept-ranges bytes content-length 905 x-amz-cf-id D4QIajqhsB47fzoKhh3XcdpEWjN3INq4OZEFvQ9VVz4WdwlQpErtfA==
GET H2	200	p-6b696e8d.entry.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	142 KB 38 KB	338ms 338ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-6b696e8d.entry.js Requested by Host: production.d3qm5vhwmy3twi.amplifyapp.com URL: https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-5af1e942.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 8d5fa5d9e8e98f4a805ff5b1537cc09dd58c31fce874deb92baad668fc642930 Request headers Referer https://www.entertainmentnz.com/ Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:19 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"d0d04e25996a0573effb24e166bd03c1" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id L6wNDdcl9Q3q3oE9Nuw1g1fdi5v9rQpN3hP2a45e0_fNisrxcLpCBw== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)
POST H2	200	csp-report q.stripe.com/ Frame A71A	0 571 B	220ms 219ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 25 Jul 2022 23:30:18 GMT x-content-type-options nosniff x-envoy-upstream-service-time 50 strict-transport-security max-age=63072000; includeSubDomains; preload content-length 0 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
POST H2	200	csp-report q.stripe.com/ Frame A71A	0 570 B	172ms 172ms	Other text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://q.stripe.com/csp-report Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=63072000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/csp-report Response headers date Mon, 25 Jul 2022 23:30:18 GMT x-content-type-options nosniff x-envoy-upstream-service-time 3 strict-transport-security max-age=63072000; includeSubDomains; preload content-length 0 pragma no-cache referrer-policy strict-origin-when-cross-origin server nginx cross-origin-opener-policy same-origin access-control-max-age 3600 access-control-allow-methods GET, POST, OPTIONS access-control-allow-origin https://js.stripe.com access-control-expose-headers Server, Range, Content-Type cache-control max-age=0, no-cache, no-store, must-revalidate x-robots-tag none access-control-allow-headers Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token expires 0
GET H2	200	shared-6af1e74c263a271237609695834afd13.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A71A	226 KB 55 KB	8ms 7ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/shared-6af1e74c263a271237609695834afd13.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-f065ea1c4de6e361c3e793d4d44bd104.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 5083d3900204b013f8c383b2175fae3ee18d61ad6e213807152a38b78cacc2e2 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-f065ea1c4de6e361c3e793d4d44bd104.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff age 5 x-cache HIT content-length 56146 etag "287ff37e1ca2446a776d8368e2c52da4" x-request-id 3d71ac79-95cd-4d38-9ce3-bf4f77d5275e x-served-by cache-hhn4076-HHN access-control-allow-origin * last-modified Mon, 25 Jul 2022 18:22:27 GMT server Fastly date Mon, 25 Jul 2022 23:30:18 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 via 1.1 varnish cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 1
GET H2	200	controller-bde697cf052855a8e6e54b55b7463559.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A71A	366 KB 92 KB	8ms 8ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/controller-bde697cf052855a8e6e54b55b7463559.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/controller-f065ea1c4de6e361c3e793d4d44bd104.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 0a2e640e7eb235fe3390006daab37bd5cc14117e8b68b1a57e01c617d188d151 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-f065ea1c4de6e361c3e793d4d44bd104.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff age 6 x-cache HIT content-length 93543 etag "9c3b1139b4603b52b954dae775c9481c" x-request-id 7181bb23-dedb-46c0-aa0c-d2283a879997 x-served-by cache-hhn4076-HHN access-control-allow-origin * last-modified Mon, 25 Jul 2022 18:22:25 GMT server Fastly date Mon, 25 Jul 2022 23:30:18 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 via 1.1 varnish cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 1
GET H2	200	1489-423d1329423fd360f27316019b22a0c7.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A71A	231 KB 47 KB	9ms 9ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/1489-423d1329423fd360f27316019b22a0c7.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/controller-bde697cf052855a8e6e54b55b7463559.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash ce3dc891c88609c872bc8f424a458d92980c0d34f97641b3869206bcab568f39 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-f065ea1c4de6e361c3e793d4d44bd104.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff age 10 x-cache HIT content-length 47916 etag "e6ae44448e6759cb629b27f1c4896477" x-request-id ab455d16-1a4d-43b7-894a-4c3b47c36e99 x-served-by cache-hhn4076-HHN access-control-allow-origin * last-modified Fri, 22 Jul 2022 20:19:04 GMT server Fastly date Mon, 25 Jul 2022 23:30:18 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 via 1.1 varnish cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 2
GET H2	200	phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js Show response js.stripe.com/v3/fingerprinted/js/ Frame A71A	2 KB 897 B	9ms 9ms	Script text/javascript	151.101.0.176 FASTLY
General Check archive.org Show headers Download Go to Full URL https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/controller-bde697cf052855a8e6e54b55b7463559.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 151.101.0.176 , United States, ASN54113 (FASTLY, US), Reverse DNS Software Fastly / Resource Hash 7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56 Security Headers Name Value Strict-Transport-Security max-age=31556926; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://js.stripe.com/v3/controller-f065ea1c4de6e361c3e793d4d44bd104.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31556926; includeSubDomains; preload content-encoding br x-content-type-options nosniff age 46 x-cache HIT content-length 770 etag "f1717e2e478c68d16ccd7b37768700be" x-request-id 28f5d85d-d292-4fef-a970-015307702ec0 x-served-by cache-hhn4076-HHN access-control-allow-origin * last-modified Fri, 22 Jul 2022 20:19:07 GMT server Fastly date Mon, 25 Jul 2022 23:30:18 GMT vary Accept-Encoding content-type text/javascript; charset=utf-8 via 1.1 varnish cache-control max-age=60 accept-ranges bytes timing-allow-origin * x-cache-hits 4
POST H2	200	0 Show response r.stripe.com/ Frame A71A	0 127 B	178ms 172ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-6af1e74c263a271237609695834afd13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Mon, 25 Jul 2022 23:30:18 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame A71A	0 127 B	171ms 171ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-6af1e74c263a271237609695834afd13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Mon, 25 Jul 2022 23:30:18 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame A71A	0 127 B	172ms 171ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-6af1e74c263a271237609695834afd13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Mon, 25 Jul 2022 23:30:18 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame A71A	0 127 B	263ms 262ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-6af1e74c263a271237609695834afd13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Mon, 25 Jul 2022 23:30:18 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame A71A	0 127 B	263ms 263ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-6af1e74c263a271237609695834afd13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Mon, 25 Jul 2022 23:30:18 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame A71A	0 127 B	261ms 261ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-6af1e74c263a271237609695834afd13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Mon, 25 Jul 2022 23:30:18 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame A71A	0 127 B	263ms 263ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-6af1e74c263a271237609695834afd13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Mon, 25 Jul 2022 23:30:18 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame A71A	0 127 B	310ms 309ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-6af1e74c263a271237609695834afd13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Mon, 25 Jul 2022 23:30:18 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame A71A	0 127 B	252ms 251ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-6af1e74c263a271237609695834afd13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Mon, 25 Jul 2022 23:30:18 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame A71A	0 127 B	252ms 252ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-6af1e74c263a271237609695834afd13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Mon, 25 Jul 2022 23:30:18 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
POST H2	200	0 Show response r.stripe.com/ Frame A71A	0 127 B	231ms 231ms	Fetch text/plain	54.187.119.242 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://r.stripe.com/0 Requested by Host: js.stripe.com URL: https://js.stripe.com/v3/fingerprinted/js/shared-6af1e74c263a271237609695834afd13.js Protocol H2 Security TLS 1.2, ECDHE_ECDSA, AES_128_GCM Server 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ip-54-187-119-242.stripe.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept application/json Referer https://js.stripe.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type application/x-www-form-urlencoded Response headers access-control-allow-origin https://js.stripe.com date Mon, 25 Jul 2022 23:30:18 GMT access-control-allow-credentials true server nginx content-length 0 content-type text/plain
GET H2	200	/ www.google.de/pagead/1p-conversion/457430512/ Frame D2D8 Redirect Chain https://www.googleadservices.com/pagead/conversion/457430512/?url=https%3A%2F%2Fwww.entertainmentnz.com%2F&guid=ON&script=0&data= https://googleads.g.doubleclick.net/pagead/viewthroughconversion/457430512/?url=https%3A%2F%2Fwww.entertainmentnz.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_i... https://www.google.com/pagead/1p-conversion/457430512/?url=https%3A%2F%2Fwww.entertainmentnz.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1766641107&sscte=1&... https://www.google.de/pagead/1p-conversion/457430512/?url=https%3A%2F%2Fwww.entertainmentnz.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1766641107&sscte=1&c...	42 B 108 B	35ms 35ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-conversion/457430512/?url=https%3A%2F%2Fwww.entertainmentnz.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1766641107&sscte=1&crd=&is_vtc=1&ocp_id=iiffYtTdG9XJx_APuOSu8AY&random=3097993258&ipr=y&prhg=0 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/ns.html?id=GTM-WTLHNXC Protocol H2 Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.googletagmanager.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Mon, 25 Jul 2022 23:30:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Mon, 25 Jul 2022 23:30:18 GMT x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/gif location https://www.google.de/pagead/1p-conversion/457430512/?url=https%3A%2F%2Fwww.entertainmentnz.com%2F&guid=ON&script=0&data=&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&random=1766641107&sscte=1&crd=&is_vtc=1&ocp_id=iiffYtTdG9XJx_APuOSu8AY&random=3097993258&ipr=y&prhg=0 cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	49 KB 20 KB	95ms 27ms	Script text/javascript	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTLHNXC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Wed, 13 Apr 2022 21:02:38 GMT server Golfe2 age 1461 date Mon, 25 Jul 2022 23:05:57 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 20006 expires Tue, 26 Jul 2022 01:05:57 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	40 KB 15 KB	52ms 29ms	Script text/javascript	142.250.186.130 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTLHNXC Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.186.130 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s07-in-f2.1e100.net Software cafe / Resource Hash b3b810fd46e7aad5b789896519011ab5366b39dbb19a5663c53525f756e89bfb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:18 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15160 x-xss-protection 0 server cafe etag 9823212955285023900 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Mon, 25 Jul 2022 23:30:18 GMT
GET H3	200	117213628897997 Show response connect.facebook.net/signals/config/	292 KB 84 KB	56ms 55ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/117213628897997?v=2.9.66&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa18863401feae2deadcfd3faa59cacf98f2dfc73220bdc17aec746c5a96119c Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true} cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug YBN9Ot1ANRzonjL50pMsYhPHusKq2DewjbRIFRiLbaD8qCfXgAEyps459yLEt1+TFVbDLTJwfL0++fi15R/Sxw== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 25 Jul 2022 23:30:18 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1658791818477 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	hotjar-2146656.js Show response static.hotjar.com/c/	5 KB 3 KB	98ms 45ms	Script application/javascript	108.157.4.128 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.hotjar.com/c/hotjar-2146656.js?sv=6 Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.128 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-128.dus51.r.cloudfront.net Software / Resource Hash b4463d0ee78b2b515635bde7c460398f30e12741fdd0575886cf6f02ba56c6b6 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:18 GMT content-encoding br x-content-type-options nosniff cache-control max-age=60 x-amz-cf-pop DUS51-P2 etag W/1fb6ddb563f7326e0acf361cf65189d3 strict-transport-security max-age=86400; includeSubDomains x-cache Miss from cloudfront content-type application/javascript; charset=UTF-8 access-control-allow-origin * x-cache-hit 1 cross-origin-resource-policy cross-origin vary Accept-Encoding x-amz-cf-id c_eizmJPxz2yJvQXleXqtJpoyQMX-aIg53BJq-EN7uz4F9p5_E3peg== via 1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
GET H2	200	api.min.js Show response a.omappapi.com/app/js/	196 KB 55 KB	61ms 14ms	Script application/javascript	84.17.46.54 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://a.omappapi.com/app/js/api.min.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTLHNXC Protocol H2 Security TLS 1.3, , AES_256_GCM Server 84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-84-17-46-54.cdn77.com Software BunnyCDN-AMS-883 / Resource Hash 50e92e8689664f6389e99134667242d55ff33ea74a84c7837b985dc6a941a8a8 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:18 GMT content-encoding br cdn-edgestorageid 883 perma-cache HIT cdn-storageserver DE-169 cdn-cachedat 07/18/2022 16:31:47 cdn-pullzone 293267 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-requestpullcode 200 server BunnyCDN-AMS-883 access-control-allow-origin * last-modified Mon, 18 Jul 2022 16:29:52 GMT cdn-proxyver 1.02 cdn-fileserver 360 etag W/"62d58a80-30f51" vary Accept-Encoding, Accept-Encoding content-type application/javascript cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd cdn-requestid 87fc1be5e552268e235d0f5564d3ddbb cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	bat.js Show response bat.bing.com/	38 KB 12 KB	65ms 35ms	Script application/javascript	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/bat.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 0fcff9391b8f4560e9bc64c28dcd9101f66de7b93676ea8cc254980567f663db Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip last-modified Thu, 16 Jun 2022 18:22:08 GMT accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 255D5164B6D244D393351B4E856552EE Ref B: FRAEDGE1318 Ref C: 2022-07-25T23:30:18Z etag "0c8eafcad81d81:0" vary Accept-Encoding x-cache CONFIG_NOCACHE content-type application/javascript access-control-allow-origin * cache-control private,max-age=1800 date Mon, 25 Jul 2022 23:30:17 GMT accept-ranges bytes content-length 11360
GET		77291 cfjump.entertainment.com.au/tag/ Redirect Chain https://t.cfjump.com/tag/77291 https://cfjump.entertainment.com.au/tag/77291	0 0
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/457430512/	2 KB 1 KB	107ms 35ms	Script text/javascript	2a00:1450:4001:809::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/457430512/?random=1658791816195&cv=9&fst=1658791816195&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.entertainmentnz.com%2Fpromotions&tiba=Promotions&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 46cbd755599c16ff089010fea6930c51b1052030a8fb8934217f98fcb14d1717 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Mon, 25 Jul 2022 23:30:18 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1004 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	20264454.js Show response bat.bing.com/p/action/	0 119 B	149ms 149ms	Script text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Full URL https://bat.bing.com/p/action/20264454.js Requested by Host: bat.bing.com URL: https://bat.bing.com/bat.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers access-control-allow-origin * strict-transport-security max-age=31536000; includeSubDomains; preload cache-control private,max-age=1800 accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: 8C6340EBC0D9468BA12CBAEF0D4F4F1E Ref B: FRAEDGE1318 Ref C: 2022-07-25T23:30:18Z date Mon, 25 Jul 2022 23:30:18 GMT x-cache CONFIG_NOCACHE
GET H2	204	0 bat.bing.com/action/	0 175 B	34ms 33ms	Image text/plain	2620:1ec:c11::200 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://bat.bing.com/action/0?ti=20264454&Ver=2&mid=76f3477c-9052-4463-8ddf-0f37bef22dcd&sid=bd1f14500c7111edaebe3de78aa6f729&vid=bd1f48e00c7111ed94c25b2263ad04f2&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Promotions&p=https%3A%2F%2Fwww.entertainmentnz.com%2Fpromotions&r=&lt=2950&evt=pageLoad&msclkid=N&sv=1&rn=904131 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache strict-transport-security max-age=31536000; includeSubDomains; preload accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version x-msedge-ref Ref A: F04BA065F848486D9E569748C36F7877 Ref B: FRAEDGE1318 Ref C: 2022-07-25T23:30:18Z date Mon, 25 Jul 2022 23:30:17 GMT x-cache CONFIG_NOCACHE access-control-allow-origin * cache-control no-cache, must-revalidate expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	512376773268745 Show response connect.facebook.net/signals/config/	293 KB 84 KB	99ms 98ms	Script application/x-javascript	2a03:2880:f02d:100:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/512376773268745?v=2.9.66&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 238e6f0a19ead70bca6222e2708c2dec14105b541f91d85ddf31f20e086a8b2d Security Headers Name Value Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers content-security-policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests; content-encoding gzip x-content-type-options nosniff document-policy force-load-at-top report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coop_report","include_subdomains":true} cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400,h3-29=":443"; ma=86400 x-xss-protection 0 pragma public x-fb-debug vJH0gF+P94eLPmNCyTwIouF5eXrfH2kHa42badJnJrwsE/q0WYx6tPQVhB8wR4ghRCc8G5veAufBYKArlmGrAQ== cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Mon, 25 Jul 2022 23:30:18 GMT strict-transport-security max-age=31536000; preload; includeSubDomains x-content-cdn-origin-ts 1658791818603 content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 x-fb-rlafr 0 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	16ms 15ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=117213628897997&ev=PageView&dl=https%3A%2F%2Fwww.entertainmentnz.com%2Fpromotions&rl=&if=false&ts=1658791816219&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.1.1658791812831.1395847930&it=1658791812702&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:18 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Mon, 25 Jul 2022 23:30:18 GMT
GET H2	200	api.min.css a.omappapi.com/app/js/	18 KB 3 KB	15ms 15ms	Stylesheet text/css	84.17.46.54 CDN77 ^_^
General Check archive.org Show headers Download Go to Full URL https://a.omappapi.com/app/js/api.min.css Requested by Host: a.omappapi.com URL: https://a.omappapi.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 84.17.46.54 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB), Reverse DNS unn-84-17-46-54.cdn77.com Software BunnyCDN-AMS-883 / Resource Hash 4b99a75a42582fd22e780855dfb50880df624ce43988616f4b19dc7ba90f1250 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:18 GMT content-encoding br cdn-edgestorageid 879 perma-cache HIT cdn-storageserver DE-168 cdn-cachedat 07/18/2022 16:30:12 cdn-pullzone 293267 access-control-allow-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cdn-requestpullcode 200 server BunnyCDN-AMS-883 access-control-allow-origin * last-modified Mon, 18 Jul 2022 16:29:47 GMT cdn-proxyver 1.02 cdn-fileserver 401 etag W/"62d58a7b-464c" vary Accept-Encoding, Accept-Encoding content-type text/css cdn-cache HIT access-control-expose-headers Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match cache-control public, max-age=31919000 cdn-uid efcab737-66db-4b75-ab55-ed485d5a01dd cdn-requestid efc8530b79387cffa9be8cf43c8741c2 cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	404	zom271y63w4xfa8l2isd Show response api.omappapi.com/v2/embed/102351/	126 B 569 B	168ms 103ms	XHR application/json	18.66.248.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.omappapi.com/v2/embed/102351/zom271y63w4xfa8l2isd Requested by Host: a.omappapi.com URL: https://a.omappapi.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-89.dus51.r.cloudfront.net Software Pagely Gateway/1.5.1 / Resource Hash fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-user-agent standard-- via 1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront) x-cache-config 0 0 server Pagely Gateway/1.5.1 x-amz-cf-pop DUS51-P1 date Mon, 25 Jul 2022 23:30:15 GMT vary Accept-Encoding, User-Agent x-cache Error from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=30, stale-while-revalidate=1800 access-control-allow-headers X-CSRF-Token content-length 126 x-amz-cf-id ULznnWGt00bJNT9jlSqPprwD0cs5gf7VyVx8R4mGs03sOxEKXrdI0w== expires Mon, 25 Jul 2022 23:30:38 GMT
GET H2	200	jrrgunzheedurvkniksd Show response api.omappapi.com/v2/embed/102351/	3 KB 2 KB	351ms 289ms	XHR application/json	18.66.248.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.omappapi.com/v2/embed/102351/jrrgunzheedurvkniksd Requested by Host: a.omappapi.com URL: https://a.omappapi.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-89.dus51.r.cloudfront.net Software Pagely Gateway/1.5.1 / Resource Hash 30ce61ff0be9c9afefc5ac00e2eee73bca9631d9d5e1ed5fc58986535467afb4 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:15 GMT content-encoding gzip x-cache-config 0 0 x-amz-cf-pop DUS51-P1 x-cache-status HIT x-cache Miss from cloudfront access-control-allow-headers X-CSRF-Token x-optinmonster-campaign jrrgunzheedurvkniksd x-user-agent standard-- last-modified Mon, 15 Feb 2021 10:08:49 GMT server Pagely Gateway/1.5.1 etag W/"3624daf2973925ef4900cb74df9edf5c" vary Accept-Encoding, User-Agent content-type application/json via 1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront) access-control-expose-headers X-OptinMonster-Campaign, X-User-Agent cache-control public, max-age=30, stale-while-revalidate=1800 access-control-allow-origin * x-amz-cf-id 6Z3x9DrAkf1cnS4yZGjAdnQhPeDsAHJhrYfv2h9iqB53H1ufQItX0A== expires Mon, 25 Jul 2022 23:05:13 GMT
GET H2	404	s6n790vyssm2p3vrlllf Show response api.omappapi.com/v2/embed/102351/	126 B 570 B	338ms 287ms	XHR application/json	18.66.248.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.omappapi.com/v2/embed/102351/s6n790vyssm2p3vrlllf Requested by Host: a.omappapi.com URL: https://a.omappapi.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-89.dus51.r.cloudfront.net Software Pagely Gateway/1.5.1 / Resource Hash fb52c6a4691c4c183a50921b788be2bd1b704e18e7603c31ee103106a6c1a190 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-user-agent standard-- via 1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront) x-cache-config 0 0 server Pagely Gateway/1.5.1 x-amz-cf-pop DUS51-P1 date Mon, 25 Jul 2022 23:30:15 GMT vary Accept-Encoding, User-Agent x-cache Error from cloudfront content-type application/json access-control-allow-origin * cache-control public, max-age=30, stale-while-revalidate=1800 access-control-allow-headers X-CSRF-Token content-length 126 x-amz-cf-id YuNOLF3eKk32wnnmKEHDIvRhLx6qPCIyvyeESwvXd68G3OtOqH2eGw== expires Mon, 25 Jul 2022 23:30:38 GMT
GET H2	200	modules.6a5da0d590df764ca613.js Show response script.hotjar.com/	247 KB 64 KB	53ms 11ms	Script application/javascript	108.157.4.38 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://script.hotjar.com/modules.6a5da0d590df764ca613.js Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2146656.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 108.157.4.38 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-108-157-4-38.dus51.r.cloudfront.net Software / Resource Hash eea54a25d415f4abf48a1e89d7a6d9211b65986bb081de9ad324dcbb103db9b8 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Thu, 21 Jul 2022 09:39:06 GMT content-encoding br x-content-type-options nosniff age 395472 x-cache Hit from cloudfront cross-origin-resource-policy cross-origin strict-transport-security max-age=86400; includeSubDomains content-length 64657 access-control-allow-origin * last-modified Thu, 21 Jul 2022 09:39:03 GMT etag "2bddb6ee72f2a47166ed0f5f35ee713b" vary Accept-Encoding content-type application/javascript via 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront) cache-control max-age=31536000 x-amz-cf-pop DUS51-P2 accept-ranges bytes x-robots-tag none x-amz-cf-id HDB13llyqTGNNg2IWdSTYXjmQT1KNTlPwXgjv49s1ka36QQb7hN01g==
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	91ms 29ms	XHR text/plain	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1256625166&t=pageview&_s=1&dl=https%3A%2F%2Fwww.entertainmentnz.com%2Fpromotions&ul=en-us&de=UTF-8&dt=Promotions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1881684233&gjid=11328117&cid=2031274643.1658791816&tid=UA-187464068-1&_gid=879887273.1658791816&_r=1&gtm=2wg7k0WTLHNXC&z=579150766 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.entertainmentnz.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 25 Jul 2022 23:30:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.entertainmentnz.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	91ms 31ms	XHR text/plain	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1256625166&t=pageview&_s=1&dl=https%3A%2F%2Fwww.entertainmentnz.com%2Fpromotions&ul=en-us&de=UTF-8&dt=Promotions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1881684233&gjid=11328117&cid=2031274643.1658791816&tid=UA-187464068-2&_gid=879887273.1658791816&_r=1&gtm=2wg7k0WTLHNXC&z=579150766 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.entertainmentnz.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 25 Jul 2022 23:30:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.entertainmentnz.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	200	collect Show response www.google-analytics.com/j/	2 B 22 B	81ms 21ms	XHR text/plain	2001:4860:4802:38::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1256625166&t=pageview&_s=1&dl=https%3A%2F%2Fwww.entertainmentnz.com%2Fpromotions&ul=en-us&de=UTF-8&dt=Promotions&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1881684233&gjid=11328117&cid=2031274643.1658791816&tid=UA-187464068-3&_gid=879887273.1658791816&_r=1&gtm=2wg7k0WTLHNXC&z=579150766 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3 Security QUIC, , AES_128_GCM Server 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://www.entertainmentnz.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 25 Jul 2022 23:30:18 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://www.entertainmentnz.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	p-6af6419a.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	4 KB 2 KB	351ms 345ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-6af6419a.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash f10ea93090a5f77226a6c6f3c429a433c21e878599efa4018394e256b47d44c2 Request headers Referer https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-551b2623.entry.js Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:19 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"3733f6554bfc5232f368078dd2a15706" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id i49plqQFYruBimGaH_bOazZ-5SA_9MGuL1PQebxR7qZt3esOqVXAsw== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)
GET H2	200	p-239310a8.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	2 KB 1 KB	349ms 344ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-239310a8.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash e98de6e9c55745fbd0717e36e8e234776a390c75032c7c2f9f553a9af800ef8a Request headers Referer https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-6b696e8d.entry.js Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:19 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"ef4e08affaff069a4ed4c1eb6ffb98d3" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id 5mhqTkpt0fTePL9se5YvClaE-hP1R9EM1xQ9L2t30_KBMXEKM0o6ZQ== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)
GET H2	200	p-d93b9a56.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	2 KB 1 KB	361ms 356ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-d93b9a56.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash b40e92ee534fd567a767f048a7727ebd1436435c74f83f4bbfc61bcf24a48d11 Request headers Referer https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-6b696e8d.entry.js Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:19 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"b97b04597ea01c5ba7186dea8d81968a" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id 2e8qcC-nGNj6_TFISFeYCve3-34-QO8AA09BhIAe9eQ4CWcuFm0f-g== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)
GET H2	200	p-41af333f.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	95 KB 26 KB	376ms 371ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-41af333f.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 71ce676bece30bf6d08c532d1d3819b4be08a1138ec87923d9d1b5dcfa7ff3a5 Request headers Referer https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-6b696e8d.entry.js Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:19 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"efe0cdde261b6e5adcf9ba6c1074e6e0" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id xatulfeVMYh-TcQAuT1e2OFh60kXCnZPX4s9qCDvw8Zx9WmvbHn4Ww== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)
GET H2	200	p-3d5779e2.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	14 KB 6 KB	334ms 330ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-3d5779e2.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 134e3519d58fd93367c650b37911c84b2ce98dbc2f111fc64f45f28bc3055573 Request headers Referer https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-6b696e8d.entry.js Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:19 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"8eab10d56bd9d84380ab66e9775c5d15" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id eH5S-8pKg3PLcyS3T4W4dUiFNVPIG-67MiJ4eqe5ed-Zl37QYmwUAA== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)
GET H2	200	p-c8c7a4e4.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	125 KB 35 KB	345ms 340ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-c8c7a4e4.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 4b0e17833f0b74d97dfceeff4344d85255d6c1fd09ad1f1203c641e47806cab6 Request headers Referer https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-6b696e8d.entry.js Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:19 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"07c4edc36c8d3933681173570a643837" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id YTClC3GtYQ4_AQXhV-qflcxXR5SaR3DStjrBZd6xQT8RmjvoHpwZkQ== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)
GET H2	200	p-a1a9cf60.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	1 KB 1 KB	341ms 337ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-a1a9cf60.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 10d60ad3c62db584b0e7d6350600b16671862e8b85b1bf32b8688d44b3413363 Request headers Referer https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-6b696e8d.entry.js Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:19 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"58f759827cda74787332b8d3a4fdc469" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id NOZafr-weTVQAjN76M47O09NnTVCBU_RkR9R8yiyxO1WWOxVax8LAA== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)
GET H2	200	p-16697f35.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	161 KB 38 KB	336ms 331ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-16697f35.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 6c510859d5850e444305c7059dcabc140525177ab5d31f3be60a7d15d08b3756 Request headers Referer https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-6b696e8d.entry.js Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:19 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"8bcfcfd6d7ae9add5ef8684d72e11b86" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id VK0VuUzpZGeoV7ny4DW1BG9ZUeqYIWZvX9jvJkWGNfCXSK82Kkuryg== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)
GET H2	200	p-501171ff.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	548 B 963 B	364ms 360ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-501171ff.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 567658c5559a859fab1507e2926eb0d7e21fe5aef559654e135caf99c0795100 Request headers Referer https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-6b696e8d.entry.js Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:19 GMT via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront) last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag "4114d3960ad68e9dc30bc315d2850fb2" x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 accept-ranges bytes content-length 548 x-amz-cf-id napbtRVIr55jjABeqvU-TWmCHa56lZD5OX4hTJJIe_4Rzduv7RoRlA==
GET H2	200	p-d6e44183.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	4 KB 2 KB	358ms 354ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-d6e44183.js Requested by Host: www.entertainmentnz.com URL: https://www.entertainmentnz.com/promotions Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 0b5ec3d4083453f1dcd21bcec1992056a1144ad75501e3e33e474bf902408067 Request headers Referer https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-6b696e8d.entry.js Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:19 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"50c188c4e01ab88daf839c3711b89118" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id o4RHpobjxxWh79Qiho0gJarrXWtbKF4x92Uao3OkwRdxehfFy--kmw== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)
GET H3	200	/ www.google.com/pagead/1p-user-list/457430512/	42 B 64 B	118ms 31ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/457430512/?random=1658791816195&cv=9&fst=1658790000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&frm=0&url=https%3A%2F%2Fwww.entertainmentnz.com%2Fpromotions&tiba=Promotions&async=1&fmt=3&is_vtc=1&random=2220794781&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Mon, 25 Jul 2022 23:30:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/457430512/	42 B 548 B	124ms 35ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/457430512/?random=1658791816195&cv=9&fst=1658790000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg7k0&sendb=1&frm=0&url=https%3A%2F%2Fwww.entertainmentnz.com%2Fpromotions&tiba=Promotions&async=1&fmt=3&is_vtc=1&random=2220794781&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Mon, 25 Jul 2022 23:30:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	8ms 8ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=512376773268745&ev=PageView&dl=https%3A%2F%2Fwww.entertainmentnz.com%2Fpromotions&rl=&if=false&ts=1658791816340&sw=1600&sh=1200&v=2.9.66&r=stable&ec=0&o=30&fbp=fb.1.1658791812831.1395847930&it=1658791812702&coo=false&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:18 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Mon, 25 Jul 2022 23:30:18 GMT
GET H2	200	box-0004cb77850b00d4aa7e1e08ff61e8f0.html Show response vars.hotjar.com/ Frame 95D7	2 KB 1 KB	36ms 7ms	Document text/html	18.66.139.40 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vars.hotjar.com/box-0004cb77850b00d4aa7e1e08ff61e8f0.html Requested by Host: static.hotjar.com URL: https://static.hotjar.com/c/hotjar-2146656.js?sv=6 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.139.40 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-139-40.fra60.r.cloudfront.net Software / Resource Hash cbbfda74ce57788b9a3877e57fb6ccd91c2e8db043acc08b0091a4ee7509f489 Security Headers Name Value Strict-Transport-Security max-age=86400; includeSubDomains Request headers Referer https://www.entertainmentnz.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 897491 cache-control max-age=31536000 content-encoding br content-length 1044 content-type text/html cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Fri, 15 Jul 2022 14:12:07 GMT etag "d2caf2e569940c65a88268a169f3facf" last-modified Fri, 15 Jul 2022 14:11:55 GMT strict-transport-security max-age=86400; includeSubDomains vary Accept-Encoding via 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront) x-amz-cf-id OulwNVEcZEaxwJlzw8gWcw3amORmL-0vLAUXBiwFbf2k2dWjhx_l7A== x-amz-cf-pop FRA60-P4 x-cache Hit from cloudfront x-robots-tag none
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	59ms 20ms	XHR text/plain	2a00:1450:400c:c06::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-187464068-1&cid=2031274643.1658791816&jid=1881684233&gjid=11328117&_gid=879887273.1658791816&_u=YGBACEAABAAAAC~&z=1184074860 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.entertainmentnz.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 25 Jul 2022 23:30:18 GMT content-type text/plain access-control-allow-origin https://www.entertainmentnz.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 448 B	58ms 19ms	XHR text/plain	2a00:1450:400c:c06::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-187464068-1&cid=2031274643.1658791816&jid=1881684233&gjid=11328117&_gid=879887273.1658791816&_u=YGBACEAABAAAAC~&z=1184074860 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.entertainmentnz.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 25 Jul 2022 23:30:18 GMT content-type text/plain access-control-allow-origin https://www.entertainmentnz.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	4 B 70 B	59ms 20ms	XHR text/plain	2a00:1450:400c:c06::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-187464068-1&cid=2031274643.1658791816&jid=1881684233&gjid=11328117&_gid=879887273.1658791816&_u=YGBACEAABAAAAC~&z=1184074860 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80 Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://www.entertainmentnz.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Mon, 25 Jul 2022 23:30:18 GMT content-type text/plain access-control-allow-origin https://www.entertainmentnz.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	204	2146656 Show response vc.hotjar.io/sessions/	0 257 B	77ms 35ms	XHR text/plain	18.66.112.19 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://vc.hotjar.io/sessions/2146656?s=0.25&r=0.2231397667882684 Requested by Host: script.hotjar.com URL: https://script.hotjar.com/modules.6a5da0d590df764ca613.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.112.19 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-112-19.fra56.r.cloudfront.net Software Python/3.7 aiohttp/3.5.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:18 GMT via 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront) server Python/3.7 aiohttp/3.5.4 x-amz-cf-pop FRA56-P5 x-cache Miss from cloudfront access-control-allow-origin * cache-control no-store x-amz-cf-id EUJ5CwN1yArLh4HnXmh5qJqCpRzAZDQ9Ekb_WAdp8PxJa9LUOEHA0A==
GET H3	200	ga-audiences www.google.com/ads/	42 B 63 B	32ms 31ms	Image image/gif	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-187464068-1&cid=2031274643.1658791816&jid=1881684233&_u=YGBACEAABAAAAC~&z=2015280251 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Mon, 25 Jul 2022 23:30:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ga-audiences www.google.de/ads/	42 B 63 B	107ms 32ms	Image image/gif	2a00:1450:4001:827::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-187464068-1&cid=2031274643.1658791816&jid=1881684233&_u=YGBACEAABAAAAC~&z=2015280251 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers pragma no-cache date Mon, 25 Jul 2022 23:30:18 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	json Show response api.omappapi.com/v3/geolocate/	557 B 965 B	297ms 296ms	XHR application/json	18.66.248.89 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://api.omappapi.com/v3/geolocate/json Requested by Host: a.omappapi.com URL: https://a.omappapi.com/app/js/api.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.66.248.89 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-66-248-89.dus51.r.cloudfront.net Software Pagely Gateway/1.5.1 / Resource Hash 227e418b2a28b5b6be3d66e8e08980c4c158078bff173deade8c1dbb2449c213 Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:15 GMT via 1.1 1f16598f51b4c33e5f56e49ea72a6154.cloudfront.net (CloudFront) x-cache-config 0 0 x-amz-cf-pop DUS51-P1 x-cache-status BYPASS x-cache Miss from cloudfront content-length 557 x-user-agent standard-- server Pagely Gateway/1.5.1 x-ratelimit-remaining 999 content-type application/json access-control-allow-origin * x-ratelimit-reset 1658791875 x-ratelimit-limit 1000 x-pagely-debug mainblock x-amz-cf-id nGGH5EVcr6gKzAPG80RKf09KzXUvvvvte2WmpXdLaIrmtGbAMrJeBA==
GET H2	200	config Show response app.entertainment.com.au/api/widgets/160d6330-46f0-0139-fddf-0242ac110003/	1 KB 1 KB	299ms 298ms	Fetch application/json	3.24.111.92 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://app.entertainment.com.au/api/widgets/160d6330-46f0-0139-fddf-0242ac110003/config Requested by Host: production.d3qm5vhwmy3twi.amplifyapp.com URL: https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-6af6419a.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 3.24.111.92 Sydney, Australia, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-24-111-92.ap-southeast-2.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash ecfd074eaa05b6982f3221a3a14389a071b40ea08a6068e04e1babc1d8a5fd9c Security Headers Name Value X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:19 GMT content-encoding gzip x-content-type-options nosniff x-permitted-cross-domain-policies none x-xss-protection 1; mode=block x-request-id b37b6554-4b91-4acc-bb4b-82bf5cacb5f4 x-runtime 0.008022 referrer-policy strict-origin-when-cross-origin server nginx/1.18.0 x-frame-options SAMEORIGIN etag W/"ecfd074eaa05b6982f3221a3a14389a0" x-download-options noopen access-control-max-age 1728000 access-control-allow-methods POST, GET, PUT, DELETE, OPTIONS content-type application/json access-control-allow-origin https://www.entertainmentnz.com cache-control max-age=0, private, must-revalidate access-control-allow-credentials true access-control-allow-headers Authorization, Origin, Content-Type, Accept, X-Method, X-Marketer-UUID, X-Simulate-User-Id, X-Authorization-JWT, X-Authorization-AccessJWT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	8ms 8ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=117213628897997&ev=Microdata&dl=https%3A%2F%2Fwww.entertainmentnz.com%2Fpromotions&rl=&if=false&ts=1658791816728&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Promotions%22%2C%22meta%3Adescription%22%3A%22Joining%20our%20Entertainment%20Membership%20during%20a%20promotional%20period%3F%20Here%20you%20will%20find%20out%20everything%20you%20need%20to%20know%20about%20our%20Promotions%2C%20Competitions%20and%20Bonus%20Offers.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Promotions%22%2C%22og%3Adescription%22%3A%22Joining%20our%20Entertainment%20Membership%20during%20a%20promotional%20period%3F%20Here%20you%20will%20find%20out%20everything%20you%20need%20to%20know%20about%20our%20Promotions%2C%20Competitions%20and%20Bonus%20Offers.%22%2C%22twitter%3Atitle%22%3A%22Promotions%22%2C%22twitter%3Adescription%22%3A%22Joining%20our%20Entertainment%20Membership%20during%20a%20promotional%20period%3F%20Here%20you%20will%20find%20out%20everything%20you%20need%20to%20know%20about%20our%20Promotions%2C%20Competitions%20and%20Bonus%20Offers.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.66&r=stable&ec=1&o=30&fbp=fb.1.1658791812831.1395847930&it=1658791812702&coo=false&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:19 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Mon, 25 Jul 2022 23:30:19 GMT
GET H3	200	/ www.facebook.com/tr/	44 B 88 B	9ms 8ms	Image image/gif	2a03:2880:f12d:181:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=512376773268745&ev=Microdata&dl=https%3A%2F%2Fwww.entertainmentnz.com%2Fpromotions&rl=&if=false&ts=1658791816845&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Promotions%22%2C%22meta%3Adescription%22%3A%22Joining%20our%20Entertainment%20Membership%20during%20a%20promotional%20period%3F%20Here%20you%20will%20find%20out%20everything%20you%20need%20to%20know%20about%20our%20Promotions%2C%20Competitions%20and%20Bonus%20Offers.%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Promotions%22%2C%22og%3Adescription%22%3A%22Joining%20our%20Entertainment%20Membership%20during%20a%20promotional%20period%3F%20Here%20you%20will%20find%20out%20everything%20you%20need%20to%20know%20about%20our%20Promotions%2C%20Competitions%20and%20Bonus%20Offers.%22%2C%22twitter%3Atitle%22%3A%22Promotions%22%2C%22twitter%3Adescription%22%3A%22Joining%20our%20Entertainment%20Membership%20during%20a%20promotional%20period%3F%20Here%20you%20will%20find%20out%20everything%20you%20need%20to%20know%20about%20our%20Promotions%2C%20Competitions%20and%20Bonus%20Offers.%22%2C%22og%3Atype%22%3A%22website%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.66&r=stable&ec=1&o=30&fbp=fb.1.1658791812831.1395847930&it=1658791812702&coo=false&es=automatic&tm=3&rqm=GET Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://www.entertainmentnz.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers date Mon, 25 Jul 2022 23:30:19 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 priority u=3,i expires Mon, 25 Jul 2022 23:30:19 GMT
GET H2	200	p-09537779.entry.js Show response production.d3qm5vhwmy3twi.amplifyapp.com/build/	1 KB 1 KB	349ms 348ms	Script application/javascript	18.64.119.57 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-09537779.entry.js Requested by Host: production.d3qm5vhwmy3twi.amplifyapp.com URL: https://production.d3qm5vhwmy3twi.amplifyapp.com/build/p-5af1e942.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 18.64.119.57 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-18-64-119-57.txl50.r.cloudfront.net Software AmazonS3 / Resource Hash 243ae29c057100cb9bbde3e17e50820267cd45ac595eb33fd61a1fbdd09b1d6b Request headers Referer https://www.entertainmentnz.com/ Origin https://www.entertainmentnz.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36 Response headers x-amz-server-side-encryption AES256 date Mon, 25 Jul 2022 23:30:20 GMT content-encoding gzip last-modified Thu, 02 Sep 2021 01:04:58 GMT server AmazonS3 x-amz-cf-pop TXL50-P4 etag W/"c626dfcf54545d409e385342ad8f966f" vary Accept-Encoding x-cache RefreshHit from cloudfront content-type application/javascript access-control-allow-origin * cache-control public, max-age=0, s-maxage=2 x-amz-cf-id uofErit7wWOIEHKmHyMOmAyh-XIWJJbvpydc-8rJjWdK60egEtHqtg== via 1.1 9da69b2a3e09ed415586f37a6b06b2da.cloudfront.net (CloudFront)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

cfjump.entertainment.com.au

URL

https://cfjump.entertainment.com.au/tag/77291