subscriptions.nzherald.co.nz Open in urlscan Pro
104.18.2.137 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://u7465594.ct.sendgrid.net/ss/c/XJKV8CHVmXG8OkNF_Xo-UcjLv-NmOtNOducZOcYk-m6DomCiXUcRRsQVVYp9bUedN9RzAVny6QMsyRBjSKlAmg/416/...
Effective URL:
https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
Submission: On November 13 via manual (November 13th 2023, 12:48:29 am UTC) from AU — Scanned from AU

Summary HTTP 51 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 51 HTTP transactions. The main IP is 104.18.2.137, located in and belongs to CLOUDFLARENET, US. The main domain is subscriptions.nzherald.co.nz.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 6th 2023. Valid for: a year.

This is the only time subscriptions.nzherald.co.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.121 167.89.115.121	11377 (SENDGRID) (SENDGRID)
2 9	104.18.2.137 104.18.2.137	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.175.97 142.251.175.97	15169 (GOOGLE) (GOOGLE)
5	52.84.251.33 52.84.251.33	16509 (AMAZON-02) (AMAZON-02)
3	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
2	23.72.45.76 23.72.45.76	16625 (AKAMAI-AS) (AKAMAI-AS)
2	42.99.140.139 42.99.140.139	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
3	52.84.251.52 52.84.251.52	16509 (AMAZON-02) (AMAZON-02)
8	23.32.29.8 23.32.29.8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
1 3	18.155.68.92 18.155.68.92	16509 (AMAZON-02) (AMAZON-02)
2	38.133.127.127 38.133.127.127	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3 4	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	18.211.227.140 18.211.227.140	14618 (AMAZON-AES) (AMAZON-AES)
2	54.179.143.41 54.179.143.41	16509 (AMAZON-02) (AMAZON-02)
1	54.192.150.79 54.192.150.79	16509 (AMAZON-02) (AMAZON-02)
51	16

1 167.89.115.121 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x121.outbound-mail.sendgrid.net

u7465594.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.2.137 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

subscriptions.nzherald.co.nz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.175.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.84.251.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-33.sin5.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.235.1 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.72.45.76 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-45-76.deploy.static.akamaitechnologies.com

amplify.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wave.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 42.99.140.139 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-139.pacnet.net

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.84.251.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-52.sin5.r.cloudfront.net

cdn.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.32.29.8 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-29-8.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.235.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.155.68.92 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-92.sin52.r.cloudfront.net

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 38.133.127.127 (Sacramento, United States)

ASN22075 (AS-OUTBRAIN, US)

tr.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.107.42.14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.227.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-227-140.compute-1.amazonaws.com

pixel.keywee.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.179.143.41 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-143-41.ap-southeast-1.compute.amazonaws.com

secure-dcr.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.150.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-79.sin2.r.cloudfront.net

skqehjzpvgmommd2qddcqq2beto3a1699836503.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	imrworldwide.com 1 redirects cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 3064 secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1758 secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 3073 skqehjzpvgmommd2qddcqq2beto3a1699836503.nuid.imrworldwide.com	80 KB
9	nzherald.co.nz 2 redirects subscriptions.nzherald.co.nz	448 KB
8	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 742	257 KB
7	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	142 KB
4	linkedin.com 3 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 377 www.linkedin.com — Cisco Umbrella Rank: 629	5 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	272 B
4	keywee.co cdn.keywee.co — Cisco Umbrella Rank: 16707 pixel.keywee.co — Cisco Umbrella Rank: 14336	34 KB
4	outbrain.com amplify.outbrain.com — Cisco Umbrella Rank: 3022 tr.outbrain.com — Cisco Umbrella Rank: 2814 wave.outbrain.com — Cisco Umbrella Rank: 3006	9 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	125 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 778	7 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	107 KB
1	sendgrid.net 1 redirects u7465594.ct.sendgrid.net	247 B
51	12

	Domain	Requested by
9	subscriptions.nzherald.co.nz	2 redirects subscriptions.nzherald.co.nz
8	analytics.tiktok.com	subscriptions.nzherald.co.nz analytics.tiktok.com
7	cdnjs.cloudflare.com	subscriptions.nzherald.co.nz
5	cdn-gl.imrworldwide.com	www.googletagmanager.com cdn-gl.imrworldwide.com
4	www.facebook.com	subscriptions.nzherald.co.nz
3	px.ads.linkedin.com	2 redirects subscriptions.nzherald.co.nz
3	secure-gl.imrworldwide.com	1 redirects cdn-gl.imrworldwide.com subscriptions.nzherald.co.nz
3	cdn.keywee.co	subscriptions.nzherald.co.nz cdn.keywee.co
3	connect.facebook.net	subscriptions.nzherald.co.nz connect.facebook.net
2	secure-dcr.imrworldwide.com	subscriptions.nzherald.co.nz
2	tr.outbrain.com	amplify.outbrain.com
2	snap.licdn.com	subscriptions.nzherald.co.nz snap.licdn.com
1	skqehjzpvgmommd2qddcqq2beto3a1699836503.nuid.imrworldwide.com	subscriptions.nzherald.co.nz
1	pixel.keywee.co	subscriptions.nzherald.co.nz
1	www.linkedin.com	1 redirects
1	wave.outbrain.com	amplify.outbrain.com
1	amplify.outbrain.com	subscriptions.nzherald.co.nz
1	www.googletagmanager.com	subscriptions.nzherald.co.nz
1	u7465594.ct.sendgrid.net	1 redirects
51	19

This site contains links to these domains. Also see Links.

Domain
www.nzme.co.nz

Subject Issuer	Validity	Valid
nzherald.co.nz Cloudflare Inc ECC CA-3	`2023-04-06` - `2024-04-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-02-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-22` - `2023-11-20`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
*.anyword.com Amazon RSA 2048 M01	`2023-06-05` - `2024-07-03`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
pixel.keywee.co Amazon ECDSA 256 M01	`2023-02-01` - `2024-03-01`	a year	crt.sh
*.nuid.imrworldwide.com Amazon RSA 2048 M01	`2023-04-12` - `2024-05-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
Frame ID: 332D8B601BCF63B2157B5A3E5FD3E5BB
Requests: 47 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: B04C6B1A41A82C07F9F1F28BD2FBEF4A
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 2077D15C2E471B83A90B9282026658DD
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NZ Herald - Subscriptions

Page URL History Show full URLs

https://u7465594.ct.sendgrid.net/ss/c/XJKV8CHVmXG8OkNF_Xo-UcjLv-NmOtNOducZOcYk-m6DomCiXUcRRsQVVYp9bUedN9RzAVn... HTTP 302
http://subscriptions.nzherald.co.nz/trial10/ HTTP 302
https://subscriptions.nzherald.co.nz/trial10/ HTTP 302
http://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10 HTTP 307
https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10 Page URL

Detected technologies

Adobe ColdFusion (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.cfm(?:$|\?)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

51
Requests

96 %
HTTPS

0 %
IPv6

12
Domains

19
Subdomains

16
IPs

4
Countries

1208 kB
Transfer

3516 kB
Size

23
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.nzme.co.nz/about-us/privacy-policy/
Title: privacy policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://u7465594.ct.sendgrid.net/ss/c/XJKV8CHVmXG8OkNF_Xo-UcjLv-NmOtNOducZOcYk-m6DomCiXUcRRsQVVYp9bUedN9RzAVny6QMsyRBjSKlAmg/416/AkAFdGEkR9iLRKR7rz2h-g/h1/rVKIhQHmfrxd4c9I6JNMkpz5W82Ctq3_QG1hwDFXzq4 HTTP 302
http://subscriptions.nzherald.co.nz/trial10/ HTTP 302
https://subscriptions.nzherald.co.nz/trial10/ HTTP 302
http://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10 HTTP 307
https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3093356&time=1699836503495&url=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10 HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3093356&time=1699836503495&url=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3093356%26time%3D1699836503495%26url%3Dhttps%253A%252F%252Fsubscriptions.nzherald.co.nz%252Fpromotion%252Findex.cfm%253Fcode%253Dnzhtrial10%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3093356&time=1699836503495&url=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&cookiesTest=true&liSync=true

Request Chain 38

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1699836503825&ci=nz-apn&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&sr=1600x1200&id=lstrg-0e2bf5476e582b37b2426bd0abacce13&tz=8 HTTP 302
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1699836503825&ci=nz-apn&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&sr=1600x1200&id=lstrg-0e2bf5476e582b37b2426bd0abacce13&tz=8&ja=1

51 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index.cfm Show response
subscriptions.nzherald.co.nz/promotion/
Redirect Chain

https://u7465594.ct.sendgrid.net/ss/c/XJKV8CHVmXG8OkNF_Xo-UcjLv-NmOtNOducZOcYk-m6DomCiXUcRRsQVVYp9bUedN9RzAVny6QMsyRBjSKlAmg/416/AkAFdGEkR9iLRKR7rz2h-g/h1/rVKIhQHmfrxd4c9I6JNMkpz5W82Ctq3_QG1hwDFXzq4
http://subscriptions.nzherald.co.nz/trial10/
https://subscriptions.nzherald.co.nz/trial10/
http://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

47 KB
10 KB

485ms
484ms

Document
text/html

104.18.2.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.2.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6d2578d4fdc18fe38d29eaedfe794231daef24765f4763682ce05e4a93d7439

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 825302328a2255f1-ADL
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 13 Nov 2023 00:48:21 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: SAMEORIGIN

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
Non-Authoritative-Reason: HSTS

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/ 88 KB
31 KB 456ms
288ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.3/jquery.min.js

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://subscriptions.nzherald.co.nz
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1139401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 May 2023 13:08:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/origin0
etag: W/"64638062-15f5b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wfjJ071%2BZf%2BEs2AkaAhwAJhc4hYMtVLy56CfNuGShEpCgWu6oZcvlLDSOYgk57An0uaU8VDiIaTa3aS5NyFAMye95LCaBKKp91TMz7jtd9pbgVDmYzTZWR788KG565kBYUFP6C1C"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
timing-allow-origin: *
cf-ray: 82530236fd233e5e-ADL
expires: Sat, 02 Nov 2024 00:48:21 GMT

GET
H2 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/ 249 KB
56 KB 362ms
194ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/jquery-ui.min.js

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://subscriptions.nzherald.co.nz
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 456251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 56990
last-modified: Fri, 29 Jul 2022 20:40:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62e445d5-de9e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=riuNOlij3fJsJzrvC%2FUN19WnQZvrbpaBf%2BjED%2Bd0IoX68hpl9l2TOQbGZOnoYznQENQtvNhvKPesNxuS2JttysjQr4jPc7CeN3BzAhpgOfcRdaiVJJhTlNZF%2BIxz3cB0JbjKmUsJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82530236fd253e5e-ADL
expires: Sat, 02 Nov 2024 00:48:21 GMT

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/2.11.6/umd/ 20 KB
7 KB 252ms
85ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.11.6/umd/popper.min.js

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

051a8137b75880006ab58f47778ca713ed6c967130faba043c5cd0ed34517dc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://subscriptions.nzherald.co.nz
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 447494
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6617
last-modified: Thu, 11 Aug 2022 09:00:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62f4c533-19d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6QAj568bclLUkqeVTK%2FbjYMlFaRd2Et2mSkBeUkL%2FDVZhkl94JJvgnXv%2BR302WpmusI4VHiYgr1R%2BLIRDP1BYtey%2F4p8CaV4VV8Vx9OAdOTMuO66vX%2FEtAB79KJDyN%2Bg4axc0FaN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82530236fd243e5e-ADL
expires: Sat, 02 Nov 2024 00:48:21 GMT

GET
H2 200 jquery-ui.min.css
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/themes/base/ 30 KB
7 KB 257ms
90ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.13.2/themes/base/jquery-ui.min.css

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

54dc71796bfbf1f069559ddc33c2e8992efec541f621797a849d442a69822696

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://subscriptions.nzherald.co.nz
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1052225
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6453
last-modified: Fri, 29 Jul 2022 20:40:53 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62e445d5-1935"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uejvUeaIGk0EqGjExF5fc8gdYBskfSEUApk%2FRplKV4NAATziCR3svix9T46lzFd%2FaKk%2FA%2BSNVXQOaHHE8a5A9TzvNBUgbEXjU1%2FTRhCptEcGiAnn9SGRLLOzt8qMNSU7nLPtkN%2BO"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82530236fd213e5e-ADL
expires: Sat, 02 Nov 2024 00:48:21 GMT

GET
H2 200 bootstrap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.2.3/js/ 59 KB
14 KB 334ms
167ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.2.3/js/bootstrap.min.js

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://subscriptions.nzherald.co.nz
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1083198
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 14425
last-modified: Tue, 22 Nov 2022 08:05:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "637c82db-3859"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hM7Y6tmHuHgsVj%2FIWk1bNqRpCxm3nzxi47LDZwHLgK45FZtZyq8mMQLlLUh3zuB3f3ApN%2BPZWP%2FQQxw492iORNQMqFIwf9TSjdmb3fV4sYykQ6m4FE215Kfei5S8QRjwMktQUP%2Fw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82530236fd223e5e-ADL
expires: Sat, 02 Nov 2024 00:48:21 GMT

GET
H2 200 bootstrap.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.2.3/css/ 232 KB
22 KB 487ms
320ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.2.3/css/bootstrap.css

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22b464461c1d3b621c3f6fb5b678b6531ab0a704d0e1bd078ddd371b87473db0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://subscriptions.nzherald.co.nz
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 6060
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21667
last-modified: Tue, 22 Nov 2022 08:05:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "637c82db-54a3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkWBtJmMQ4h1xuL0GSpVw%2F8NxcBziPbFB6PJo1QrxtbKIRs7duDD8mt%2FRmbqQJmhwWUnJWNjUBPqtPYIUBQ4fATfLRkSnJ0SQ8lUFuKG0EZqPCl1vE0XASGVqezjER0ReU%2Ffbypg"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82530236fd1f3e5e-ADL
expires: Sat, 02 Nov 2024 00:48:21 GMT

GET
H2 200 bootstrap-utilities.min.css
cdnjs.cloudflare.com/ajax/libs/bootstrap/5.2.3/css/ 57 KB
5 KB 327ms
160ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/bootstrap/5.2.3/css/bootstrap-utilities.min.css

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

294fbe577db1b30e931f51ae2f4a3b4fd0892e25b2ea713677ea9792e2cfb252

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://subscriptions.nzherald.co.nz
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:21 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 180677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4589
last-modified: Tue, 22 Nov 2022 08:05:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "637c82db-11ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FORNQviiMGfkbboCIfHOhN9d4wNcRQlGVyKcQGnLCokNTnDBQb%2FWZVg3UtgjJHi2eyiW%2BPf5r9oMon7mVUq9ImJj0P%2FbEzeYpRBGelIQjISnrLrdeg5t3uv9VRp0Vd4sIbc0CH7B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 82530236fd203e5e-ADL
expires: Sat, 02 Nov 2024 00:48:21 GMT

GET
H3 200 site.css
subscriptions.nzherald.co.nz/promotion/ 2 KB
1 KB 428ms
428ms Stylesheet
text/css 104.18.2.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.nzherald.co.nz/promotion/site.css

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96e6731246cfde4cd5105d790052996db04eec608c271121d570d5aa77c7ad69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
cf-cache-status: DYNAMIC
last-modified: Thu, 09 Mar 2023 23:08:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/css
cf-ray: 82530235ea8155f5-ADL
alt-svc: h3=":443"; ma=86400

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 452 KB
107 KB 588ms
196ms Script
application/javascript 142.251.175.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KGJ3NMV

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.175.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

00404d04d56d2d21b20f480004486fbdba98cda64aa9d8f84cbea18fddcfaa96

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:22 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109367
x-xss-protection: 0
last-modified: Mon, 13 Nov 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 13 Nov 2023 00:48:22 GMT

GET
H3 200 header.jpg
subscriptions.nzherald.co.nz/promotion/images/ 7 KB
7 KB 445ms
445ms Image
image/jpeg 104.18.2.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subscriptions.nzherald.co.nz/promotion/images/header.jpg

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9faa386947b3d72304d57e8d6c5ea2b233efe5264c853264c89444160fe27094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Jun 2017 22:15:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 825302363b0c55f5-ADL
alt-svc: h3=":443"; ma=86400
content-length: 6940

GET
H3 200 promologo_591.jpg
subscriptions.nzherald.co.nz/images/uploaded/ 5 KB
5 KB 455ms
455ms Image
image/jpeg 104.18.2.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subscriptions.nzherald.co.nz/images/uploaded/promologo_591.jpg

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c3c0ace4a895906a45b925ca9c5d13d7cc5ec2e1a549b7e1a852690fc38686d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Wed, 05 Apr 2023 07:35:37 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 825302363b1055f5-ADL
alt-svc: h3=":443"; ma=86400
content-length: 5318

GET
H3 200 promoheader_591.jpg
subscriptions.nzherald.co.nz/images/uploaded/ 304 KB
304 KB 483ms
482ms Image
image/jpeg 104.18.2.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subscriptions.nzherald.co.nz/images/uploaded/promoheader_591.jpg

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c64855333ac21ac825ae1a0d77a47b49a7d3135a8ba14852cd25f06a798939d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Mon, 10 Apr 2023 21:03:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
cf-ray: 825302390ff255f5-ADL
alt-svc: h3=":443"; ma=86400
content-length: 311484

GET
H3 200 icon-subscribe.png
subscriptions.nzherald.co.nz/promotion/images/ 1 KB
1 KB 461ms
461ms Image
image/png 104.18.2.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subscriptions.nzherald.co.nz/promotion/images/icon-subscribe.png

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7606958cb9770642dbafa00fa3762ee3138a45cd750e5c691d7eae0df7b6267c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Mon, 12 Jun 2017 22:15:11 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
cf-ray: 82530239384355f5-ADL
alt-svc: h3=":443"; ma=86400
content-length: 1077

GET
H3 200 Stag-Medium.otf
subscriptions.nzherald.co.nz/fonts/ 117 KB
117 KB 522ms
522ms Font
application/vnd.oasis.opendocument.formula-template 104.18.2.137
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.nzherald.co.nz/fonts/Stag-Medium.otf

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/site.css

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.2.137 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e824af4d022c7bbcc501d465ed55ed0fce60049624909af3e274839d224bd04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://subscriptions.nzherald.co.nz/promotion/site.css
Origin: https://subscriptions.nzherald.co.nz
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cf-cache-status: DYNAMIC
last-modified: Tue, 13 Feb 2018 21:13:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: application/vnd.oasis.opendocument.formula-template
accept-ranges: bytes
cf-ray: 82530239485555f5-ADL
alt-svc: h3=":443"; ma=86400
content-length: 119676

GET
H2 200 nlsqueue.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 450 B
893 B 474ms
153ms Script
application/javascript 52.84.251.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsqueue.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGJ3NMV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-33.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f9cceab3a20f0d6525e99a8bd13eec9a0706b78a276107891721c7e3ba09d8a6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: rMGsPnOtDPZSjk4nbNmQ2958SQPTlWJv
date: Mon, 13 Nov 2023 00:38:00 GMT
via: 1.1 e869415928b7de75c30c1dc3da361400.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 651
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 450
last-modified: Wed, 06 Sep 2023 13:04:53 GMT
server: AmazonS3
etag: "7e189c61a1ad159088b817cee2cfe516"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
x-amz-cf-id: VoAkaJga4Wmss2GdjQaPpy7IWIuAU-T_PenCF58bB3d4qXdCFVZcRw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 457ms
152ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 13 Nov 2023 00:48:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: AqBJ2NGhQwyS5avGBMGlshIJxQsTOFk0ZjSbcz0mSPI7ODK02w4DygNq2a3VvdW6ID2s6VEIigE5X8yUBmtLEA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 v60.js Show response
cdn-gl.imrworldwide.com/ 21 KB
7 KB 477ms
164ms Script
application/javascript 52.84.251.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KGJ3NMV
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-33.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: PmT0ztgo6pW7kPCi5f5AnKDRXRQLwscI
content-encoding: gzip
via: 1.1 e869415928b7de75c30c1dc3da361400.cloudfront.net (CloudFront)
date: Sun, 12 Nov 2023 00:51:04 GMT
last-modified: Mon, 25 Jul 2022 13:33:52 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 86240
x-amz-server-side-encryption: AES256
etag: W/"3bad78b036ef952c6ace672b2251b459"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: UiWNWDPV8kEcP04QDwFfeVy6J4nlQUs7x0tl9LFr0broYJQCwsRB6Q==

GET
H/1.1 200
OK obtp.js Show response
amplify.outbrain.com/cp/ 25 KB
8 KB 482ms
161ms Script
application/x-javascript 23.72.45.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://amplify.outbrain.com/cp/obtp.js
Requested by: Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.76 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-76.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4265d147d3242210a8e98e1e7cb29010bd10d44e25c16e70da6867b7167cc03b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 00:48:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Nov 2023 12:14:24 GMT
Server: AkamaiNetStorage
ETag: "f320f5f7101feb67aac562b03c4a4fe4:1698844088.24117"
Vary: Accept-Encoding
Content-Type: application/x-javascript
X-RG: OC
Cache-Control: max-age=1200
X-CC: AU
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7735
Expires: Mon, 13 Nov 2023 01:08:23 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 481ms
152ms Script
application/javascript 42.99.140.139
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

42.99.140.139 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),

Reverse DNS

ip-42-99-140-139.pacnet.net

Software

Resource Hash

c6d603c605c9e07062ffeba7c47a81e19c4f8c05604c6474371f4ad8b654c758

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 08 Nov 2023 07:18:39 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: max-age=66722
accept-ranges: bytes
content-length: 3840

GET
H2 200 analytics-1.5.12.min.js Show response
cdn.keywee.co/dist/ 22 KB
8 KB 483ms
166ms Script
application/javascript 52.84.251.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Requested by: Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-52.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 10:37:22 GMT
content-encoding: gzip
via: 1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
last-modified: Mon, 28 Dec 2020 09:55:56 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 193064
etag: W/"13a05c433850fad0455e2ee1a1707eb0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=259200,public
x-amz-cf-id: uIi6hJf8jfIVrr6QTDYZH3hiETlP-alZsubtIrsPU52EgV6Y0U4F8g==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 5 KB
3 KB 690ms
382ms Script
application/javascript 23.32.29.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDI3KJRC77U5MH0KC01G&lib=ttq
Requested by: Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.29.8 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-29-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f4faca8e5501f8ee1c2c920650bb2d133bb6603b69bd5f946cecfd1dfdb88e62

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-akamai-request-id: 16cd1052.dd7b9364
date: Mon, 13 Nov 2023 00:48:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-32-29-4.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time: 227,23.32.29.4
server-timing: cdn-cache; desc=MISS, edge; dur=222, origin; dur=7, inner; dur=3
content-length: 1961
pragma: no-cache
server: nginx
x-tt-logid: 20231113004823DF1EE0B888BB7C20306E
x-cache-remote: TCP_MISS from a23-46-239-30.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.46.239.30
x-tt-trace-host: 01e5ad7c9299484cfbd80ddc9ff24b85f46e5141f85c86f0335aed9f335cb1394d253b857047db8da7d98449705ec8e379e77bba78aa03ea830e134998ab674fb07d7452d9c25581bfb3dd7325e667a34cff63b53993d6fdb4171beb96284808d3cd99926ae04e4ccb00e8382bd6c19251
expires: Mon, 13 Nov 2023 00:48:23 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 692ms
385ms Script
application/javascript 23.32.29.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLUM5JC77U110MKK6MG&lib=ttq
Requested by: Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.29.8 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-29-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 6509b684df94ab81458a744e2922e191cb3c6b151ab2cd9f4358bcf31eafee98

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-akamai-request-id: 7164e7b6.dd7b9381
date: Mon, 13 Nov 2023 00:48:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-32-29-4.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time: 226,23.32.29.4
server-timing: cdn-cache; desc=MISS, edge; dur=222, origin; dur=5, inner; dur=3
content-length: 1303
pragma: no-cache
server: nginx
x-tt-logid: 20231113004823844835F9F9F2133421C7
x-cache-remote: TCP_MISS from a23-48-200-133.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 5,23.48.200.133
x-tt-trace-host: 01e5ad7c9299484cfbd80ddc9ff24b85f4a84259d70d2afab46a66a1da22b8517b4624f2438b43b8e66769c8cde97644512f6538a4006f12435e2c0f59042a089cdf2a3da85239f694cd86aa58678daad878b6a3b525e7c2692ee7b96692a9f40e6b3004a101890882d163f4576a21d076
expires: Mon, 13 Nov 2023 00:48:23 GMT

GET
H2 200 tr
www.facebook.com/ 0
185 B 456ms
152ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr?id=225703061569407&ev=PageView&noscript=1&gtmcb=1626313707

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 13 Nov 2023 00:48:23 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 P69DDCF68-3F51-4F0E-BFF1-E0768DA05EB7.js Show response
cdn-gl.imrworldwide.com/conf/ 27 KB
7 KB 157ms
156ms Script
application/javascript 52.84.251.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P69DDCF68-3F51-4F0E-BFF1-E0768DA05EB7.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsqueue.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-33.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e534628fcd18becf2ff8a81f1f287d441a6cbf4c72887df3568d106e1fba2f4a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: ugVt87BS1KmNYlA9UfPjKdNWfIDvk42T
content-encoding: gzip
via: 1.1 e869415928b7de75c30c1dc3da361400.cloudfront.net (CloudFront)
date: Sun, 12 Nov 2023 23:59:10 GMT
last-modified: Sun, 12 Nov 2023 01:17:13 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 2953
x-amz-server-side-encryption: AES256
etag: W/"de5d506edf4a7e26620dbc5a32216997"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,s-maxage=86400
x-amz-cf-id: Y0lD1fhenHbj51cxtRYefpjBlKmL194Zbkt7Drwij0JiU_HsrFblYQ==

GET
H2 200 storageframe.html Show response
secure-gl.imrworldwide.com/ Frame B04C 11 KB
4 KB 473ms
157ms Document
text/html 18.155.68.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-gl.imrworldwide.com/storageframe.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/v60.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-92.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Referer: https://subscriptions.nzherald.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 13 Nov 2023 00:48:23 GMT
etag: W/"654165c5-2b27"
last-modified: Tue, 31 Oct 2023 20:38:29 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 5e28bc713b3439ab2d031400bb99f2a0.cloudfront.net (CloudFront)
x-amz-cf-id: VRlBkXfdc9woXONA_i5pJxhU6JccmKNa0xagogxu-B3CosciI2WWjw==
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 8 KB
3 KB 153ms
153ms Script
application/x-javascript 42.99.140.139
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

42.99.140.139 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),

Reverse DNS

ip-42-99-140-139.pacnet.net

Software

Resource Hash

5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 15 Oct 2023 08:32:45 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=14373
accept-ranges: bytes
content-length: 3272

POST
H/1.1 200
OK unifiedPixel
tr.outbrain.com/ 53 B
248 B 994ms
247ms Ping
image/gif 38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/unifiedPixel?optOut=false&bust=07136560213371517&referrer=&cht=gtm&marketerId=005ec43fc57a078e322c19003a4d9d4245&name=PAGE_VIEW&dl=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&g=1&obApiVersion=1.1&obtpVersion=2.0.5
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.127 Sacramento, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 00:48:24 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: d601b8b85b5e1cb81e50d9228a08401c
Content-Length: 54
Content-Type: image/gif;

GET
H/1.1 200
OK cachedClickId Show response
tr.outbrain.com/ 35 B
220 B 997ms
251ms Script
application/javascript 38.133.127.127
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.outbrain.com/cachedClickId?marketerId=005ec43fc57a078e322c19003a4d9d4245
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 38.133.127.127 Sacramento, United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
Software: /
Resource Hash: 1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 00:48:24 GMT
content-encoding: br
X-TraceId: dda14aca06fb66773eaf6fbc48c5287d
Content-Length: 39
Content-Type: application/javascript

GET
H/1.1 200
OK 005ec43fc57a078e322c19003a4d9d4245 Show response
wave.outbrain.com/mtWavesBundler/handler/ 2 B
443 B 472ms
151ms Script
text/html 23.72.45.76
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wave.outbrain.com/mtWavesBundler/handler/005ec43fc57a078e322c19003a4d9d4245
Requested by: Host: amplify.outbrain.com
URL: https://amplify.outbrain.com/cp/obtp.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.72.45.76 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-72-45-76.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Mon, 13 Nov 2023 00:48:23 GMT
Content-Encoding: gzip
ob-sent-time: 1699835726945
ETag: W/"2-vyGp6PvFo4RvsFtPoIWeCReyIC8"
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-RG: OC
Cache-Control: max-age=60
X-CC: AU
Connection: keep-alive
X-TraceId: 55f629a887b89b5f4b68f56e350a98ef
Content-Length: 22
Expires: Mon, 13 Nov 2023 00:49:23 GMT

GET
H2 200 2795.js Show response
cdn.keywee.co/config/ 229 B
568 B 152ms
152ms Script
application/javascript 52.84.251.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/config/2795.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-52.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 702396fa67e7fa779ea932e7d7ed42ba81d454aa056ff3c9e2fd66495d89c313

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 01:49:02 GMT
via: 1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
last-modified: Wed, 29 Sep 2021 15:24:36 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 82762
etag: "c0dbcfefac651b9464ca2f23bc3c6549"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
content-length: 229
x-amz-cf-id: tuD6NgKOFTwbny-ggvTMj5YxluUIFiivWeWWOyoMFTBI670511elNA==

GET
H2 200 188836589149854 Show response
connect.facebook.net/signals/config/ 139 KB
36 KB 397ms
396ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/188836589149854?v=2.9.138&r=stable&domain=subscriptions.nzherald.co.nz

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

8be8717aa347a02bca6136210673f22ab858eba5c1cc6b72b53d67fd49b03bd8

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 13 Nov 2023 00:48:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: qwiLQFM+0whccBtYEwyPsSBS+eBMCFYxIgojZ3xmblGzHtms43S4iSqViEbcXhBXRJUzm9MQy5O1Gu9inbtzXQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 199 KB
56 KB 179ms
179ms Script
application/javascript 52.84.251.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P69DDCF68-3F51-4F0E-BFF1-E0768DA05EB7.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-33.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-amz-version-id: Aabpvbg3ktgBmwIqp1b4kZ3V88L5QhMx
content-encoding: gzip
via: 1.1 e869415928b7de75c30c1dc3da361400.cloudfront.net (CloudFront)
date: Mon, 13 Nov 2023 00:42:44 GMT
x-amz-cf-pop: SIN5-C1
age: 339
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Wed, 06 Sep 2023 13:04:53 GMT
server: AmazonS3
etag: W/"2be1fe7a43ef5ba626afab2ceddfc177"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: lYTqbS6VX-OMrSnvf0FLy_a4sdbbOd-GRczi30WuUGpgt6Cd7NDJIQ==

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3093356&time=1699836503495&url=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3093356&time=1699836503495&url=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3093356%26time%3D1699836503495%26url%3Dhttps%253A%252F%252Fsubscriptions.nzherald...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3093356&time=1699836503495&url=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&cookiesTest=true&liSync=true

0
397 B

292ms
291ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3093356&time=1699836503495&url=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&cookiesTest=true&liSync=true
Requested by: Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:24 GMT
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: 9F5349D0B3C648369932A3896E45E887 Ref B: MEL01EDGE1811 Ref C: 2023-11-13T00:48:24Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-ltx1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYJ/gcJ7vcZsc8rZggxcg==

Redirect headers

strict-transport-security: max-age=31536000
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options: nosniff
date: Mon, 13 Nov 2023 00:48:23 GMT
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAYJ/gcFTqN5I6GaV0Oqsw==
pragma: no-cache
x-li-pop: afd-prod-ltx1-x
x-msedge-ref: Ref A: E025A75959B542A8B7BFA733B27815D6 Ref B: MEL01EDGE1811 Ref C: 2023-11-13T00:48:24Z
x-frame-options: sameorigin
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3093356&time=1699836503495&url=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&cookiesTest=true&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sp-2.9.1.js Show response
cdn.keywee.co/dist/ 75 KB
26 KB 183ms
183ms Script
application/x-javascript 52.84.251.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.keywee.co/dist/sp-2.9.1.js
Requested by: Host: cdn.keywee.co
URL: https://cdn.keywee.co/dist/analytics-1.5.12.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-52.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Thu, 19 Oct 2023 15:07:52 GMT
content-encoding: gzip
via: 1.1 884565e44bd03047bbadc5b86c50509c.cloudfront.net (CloudFront)
last-modified: Sun, 14 Oct 2018 12:37:03 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
age: 2108431
etag: W/"e0e6c30dc2f18c8cee12448a4cbb07eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=315360000
x-amz-cf-id: Vp4nyh1ARv9lsR4rUpUvQ8vML7Ug2xG94K7yvCeYjZUSFh_lCY0DVg==

GET
H2 200 main.MTdjYzNiZDU2MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 417 KB
108 KB 154ms
154ms Script
application/javascript 23.32.29.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CDI3KJRC77U5MH0KC01G&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.29.8 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-29-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-akamai-request-id: dd7b9b75
date: Mon, 13 Nov 2023 00:48:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20231109073738FF31946AFFFF6001337E
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-32-29-4.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 011b7215c76e231e8c61706f282c0cc279a09d996413c758216d73603037e91e5330ae8284955565d65649bfcb011035aa7651d3ba6a4fc5e2d6687d5069db90c38c4b0dc71899dc737a10d3321bba1403791de308fdcc7e822398718efb009470
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length: 110259

GET
H2 200 main.MTdjYzNiZDU2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 397 KB
106 KB 349ms
348ms Script
application/javascript 23.32.29.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CFLUM5JC77U110MKK6MG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.29.8 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-29-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-akamai-request-id: dd7b9b84
date: Mon, 13 Nov 2023 00:48:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202311090733037B7CA1EE64A39ED0A002
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-32-29-4.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 015e56db4359dbfda4ce92c3e3e483fee156bca5d1a28c8fceaf3a0f305c979ea26dedaa147a195c2dde4e03411ba5278dff4267af4a253c40afd60b65c548778b3ae3b5b035b1c43bf59d8e31abef78a8fadbbbb2c7ed5f44817bc16602f1055f
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 108209

GET
H2 200 i
pixel.keywee.co/ 43 B
294 B 868ms
285ms Image
image/gif 18.211.227.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.keywee.co/i?stm=1699836503718&e=pv&url=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&page=NZ%20Herald%20-%20Subscriptions&tv=js-2.9.1&tna=cf&aid=2795&p=web&tz=Australia%2FPerth&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&f_passive=1&f_wheel=wheel&eid=bef077e0-d9c6-4994-b7c1-1496972ecfe0&dtm=1699836503716&vp=1600x1200&ds=1600x1303&vid=1&sid=5a877cd1-c658-4286-a378-8526721919d5&duid=583779ef-3dcc-4b92-9801-24487aa2303d&fp=3132127988

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.211.227.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-211-227-140.compute-1.amazonaws.com

Software

nginx/1.21.3 /

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

status: 200 OK
date: Mon, 13 Nov 2023 00:48:24 GMT
x-content-type-options: nosniff
content-type: image/gif
server: nginx/1.21.3
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 2077 12 KB
4 KB 155ms
154ms Document
text/html 52.84.251.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-33.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://subscriptions.nzherald.co.nz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 2321
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Mon, 13 Nov 2023 00:09:43 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Wed, 06 Sep 2023 13:04:52 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 e869415928b7de75c30c1dc3da361400.cloudfront.net (CloudFront)
x-amz-cf-id: PeJ03zTC_UmNvPLLCrXzaYFLKJPOnZtWaYv_dPuhf1nT_0tXEv3VSA==
x-amz-cf-pop: SIN5-C1
x-amz-server-side-encryption: AES256
x-amz-version-id: CTbRZ.5UlARhD4XceMUpZU1V6DSHtB37
x-cache: Hit from cloudfront

GET
H2

200

m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain

https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1699836503825&ci=nz-apn&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Find...
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1699836503825&ci=nz-apn&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Find...

44 B
580 B

154ms
154ms

Image
image/gif

18.155.68.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1699836503825&ci=nz-apn&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&sr=1600x1200&id=lstrg-0e2bf5476e582b37b2426bd0abacce13&tz=8&ja=1
Requested by: Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
Protocol: H2
Server: 18.155.68.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-92.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Mon, 13 Nov 2023 00:48:24 GMT
via: 1.1 5e28bc713b3439ab2d031400bb99f2a0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: 6Goe2aTFj9BqCj_O5pCBTU0eCRD19qnh-9Y6uOwrYPXflkrjCcnW3Q==
expires: Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

date: Mon, 13 Nov 2023 00:48:23 GMT
via: 1.1 5e28bc713b3439ab2d031400bb99f2a0.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 0
pragma: no-cache
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
location: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1699836503825&ci=nz-apn&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&sr=1600x1200&id=lstrg-0e2bf5476e582b37b2426bd0abacce13&tz=8&ja=1
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: Zxlyln1tO-U9NpURGUfnEEzv8eLOEaaXznN5Eh73ou9xzCZH0KoqBA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 identify_bb163.js Show response
analytics.tiktok.com/i18n/pixel/static/ 135 KB
36 KB 158ms
158ms Script
application/javascript 23.32.29.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_bb163.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.29.8 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-29-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-akamai-request-id: dd7ba321
date: Mon, 13 Nov 2023 00:48:23 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2023110907470585C883AD206966EAE9B0
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-32-29-4.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01f34713e8091a71485c7b957dfa0cecb84a40290625eb26b442be52aef3e237e03760d6e51935e732bec81cd3cf1e4d7a62d638131777a37b5261d800d935b05eb110b88c1091657879ef78f86143a1d57d55c6d6e55c0e823f2ce29c806037cb
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=4
content-length: 36482

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
790 B 481ms
480ms Ping
text/plain 23.32.29.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.29.8 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-29-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subscriptions.nzherald.co.nz/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 7165127b.dd7ba43d
date: Mon, 13 Nov 2023 00:48:24 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-32-29-4.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
x-parent-response-time: 313,23.32.29.4
server-timing: cdn-cache; desc=MISS, edge; dur=218, origin; dur=99, inner; dur=94
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202311130048243824D2C1708D1D5B8399
x-cache-remote: TCP_MISS from a23-48-200-133.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 99,23.48.200.133
x-tt-trace-host: 01e5ad7c9299484cfbd80ddc9ff24b85f4a84259d70d2afab46a66a1da22b8517b4624f2438b43b8e66769c8cde9764451e430ac8e248eb0e65b95964934d3901eb1732fcc4c7b624d1747050f236185f3f1aba59849fd84342c02b24d59d0e0f2c91d29b1c4088e35c73f23b7de40d4e4
access-control-allow-headers: Authorization,*
expires: Mon, 13 Nov 2023 00:48:24 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
647 B 490ms
490ms Ping
text/plain 23.32.29.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.29.8 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-29-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subscriptions.nzherald.co.nz/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: dd7ba467
date: Mon, 13 Nov 2023 00:48:24 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-32-29-4.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
server-timing: inner; dur=73, cdn-cache; desc=MISS, edge; dur=5, origin; dur=322
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20231113004824992443616C0A7E5B31FB
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 323,23.32.29.4
x-tt-trace-host: 01e5ad7c9299484cfbd80ddc9ff24b85f46167c8633766f500c9861609a8ed2561aadd85df303a8d0f352a9fad8f24870a58f147d1f62bd8d962cebbe445886e48f98c3686b2f4dbaaa8e0a3ce555b07484aecd9b99f4595fd65ae915bc5e1f0d9
access-control-allow-headers: Authorization,*
expires: Mon, 13 Nov 2023 00:48:24 GMT

GET
H3 200 291468989156837 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 396ms
395ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/291468989156837?v=2.9.138&r=stable&domain=subscriptions.nzherald.co.nz

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

597195fa8c63b64bec76934345e3b6cd373101f922da756a00b352f720226dca

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 13 Nov 2023 00:48:24 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: nth/SOknepizIW7kxcyJVmnC/NeH218ZBqXxwdUGInjRCN093wdZSjd0Puqc2gwSbELQ7bqGM3pQaOCJSmYw2g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 152ms
151ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=188836589149854&ev=PageView&dl=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&rl=&if=false&ts=1699836503997&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1699836503994.456693629&cs_est=true&ler=empty&it=1699836503485&coo=false&rqm=GET

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 13 Nov 2023 00:48:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 2077 44 B
425 B 476ms
153ms Image
image/gif 54.179.143.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P69DDCF68-3F51-4F0E-BFF1-E0768DA05EB7&sessionId=skqehjzpvgmommd2qddcqq2beto3a1699836503&c16=sdkv,bj.6.0.0&uoo=&fp_id=cpt1hvi0zfcgbo8hlp56zuabc9gjg1699836503&fp_cr_tm=1699836503768&fp_acc_tm=1699836503768&fp_emm_tm=1699836503768&ve_id=&c30=bldv,6.0.0.673&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by: Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.179.143.41 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-179-143-41.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 00:48:24 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
skqehjzpvgmommd2qddcqq2beto3a1699836503.nuid.imrworldwide.com/ Frame 2077 35 B
359 B 890ms
152ms Image
image/gif 54.192.150.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://skqehjzpvgmommd2qddcqq2beto3a1699836503.nuid.imrworldwide.com/
Requested by: Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-79.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sun, 12 Nov 2023 02:25:37 GMT
via: 1.1 b4ef37917b36c601eeeeb55cdda4288c.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 80567
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: x74C3w2cnHGcORFn8u1OSRT5hyCQUqb-xynFYRfmIa4kKdBms53CoQ==

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
647 B 1155ms
1154ms Ping
text/plain 23.32.29.8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTdjYzNiZDU2MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.29.8 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-29-8.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subscriptions.nzherald.co.nz/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: dd7ba8a0
date: Mon, 13 Nov 2023 00:48:25 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-cache: TCP_MISS from a23-32-29-4.deploy.akamaitechnologies.com (AkamaiGHost/11.3.2-52182464) (-)
server-timing: inner; dur=48, cdn-cache; desc=MISS, edge; dur=6, origin; dur=988
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202311130048257C9EAFC6F13BFBEF4B6C
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 989,23.32.29.4
x-tt-trace-host: 01e5ad7c9299484cfbd80ddc9ff24b85f46167c8633766f500c9861609a8ed2561646d62f34e3dc2ec2f42f8f690157aba0a32591f09fae570a24b3722162ba1fd175ee38155391104132744d4cd79653e62f800e30a4d68bb3e358a7576275318
access-control-allow-headers: Authorization,*
expires: Mon, 13 Nov 2023 00:48:25 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 151ms
150ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=291468989156837&ev=KWCEPV&dl=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&rl=&if=false&ts=1699836504550&cd[noad30]=1&cd[noadcm]=1&cd[nokart]=0&cd[pvps]=1&cd[slensec]=0&cd[ar30d]=1&cd[arcm]=1&cd[kar30d]=0&cd[karcm]=0&cd[ts30d]=0&cd[tscm]=0&cd[kru]=0&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.2.1699836503994.456693629&ler=empty&it=1699836503485&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=2&rqm=GET

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 13 Nov 2023 00:48:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 152ms
151ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=291468989156837&ev=PageView&dl=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&rl=&if=false&ts=1699836504551&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.2.1699836503994.456693629&ler=empty&it=1699836503485&coo=false&dpo=LDU&dpoco=0&dpost=0&tm=1&rqm=GET

Requested by

Host: subscriptions.nzherald.co.nz
URL: https://subscriptions.nzherald.co.nz/promotion/index.cfm?code=nzhtrial10

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.235.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 13 Nov 2023 00:48:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 gn
secure-dcr.imrworldwide.com/cgi-bin/ 44 B
424 B 153ms
152ms Image
image/gif 54.179.143.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=nz-910563&ch=nz-910563_b21_Nzherald.co.nz%20-%20Other_S&asn=Nzherald.co.nz%20-%20Other&fp_id=cpt1hvi0zfcgbo8hlp56zuabc9gjg1699836503&fp_cr_tm=1699836503768&fp_acc_tm=1699836503768&fp_emm_tm=1699836503768&ve_id=&sessionId=skqehjzpvgmommd2qddcqq2beto3a1699836503&prv=1&c6=vc,b21&ca=NA&c13=asid,P69DDCF68-3F51-4F0E-BFF1-E0768DA05EB7&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,p7vbcyfmnuybrfogwtvkbtzgbawd91699836504&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16998365037603487&c30=bldv,6.0.0.673&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=%2Fpromotion%2Findex.cfm&c3=st,c&c64=starttm,1699836505&adid=%2Fpromotion%2Findex.cfm&c58=isLive,false&c59=sesid,&c61=createtm,1699836505&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fsubscriptions.nzherald.co.nz%2Fpromotion%2Findex.cfm%3Fcode%3Dnzhtrial10&c66=mediaurl,&sdd=&c62=sendTime,1699836505&rnd=275294
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.179.143.41 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-179-143-41.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.nzherald.co.nz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 13 Nov 2023 00:48:25 GMT
server: nginx
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
subscriptions.nzherald.co.nz/	1970-01-20 16:12:02	Name: CFID Value: 28406672
subscriptions.nzherald.co.nz/	1970-01-20 16:12:02	Name: CFTOKEN Value: 33c6595dba9e3df-BD80D102-FDDF-FED5-FFB1F2629A1AA90D
subscriptions.nzherald.co.nz/	1969-12-31 23:59:59	Name: JSESSIONID Value: F5C28A3984CE00EA6F5066760EA1690D.cfusion
subscriptions.nzherald.co.nz/	1970-01-21 00:56:12	Name: NZME.SUBSESSION Value: 2311131624994
subscriptions.nzherald.co.nz/	1970-01-20 16:12:02	Name: NZMEPROMO Value: 231113711600
subscriptions.nzherald.co.nz/	1970-01-21 01:46:36	Name: CFGLOBALS Value: urltoken%3DCFID%23%3D28406672%26CFTOKEN%23%3D33c6595dba9e3df%2DBD80D102%2DFDDF%2DFED5%2DFFB1F2629A1AA90D%26jsessionid%23%3DF5C28A3984CE00EA6F5066760EA1690D%2Ecfusion%23lastvisit%3D%7Bts%20%272023%2D11%2D13%2013%3A48%3A21%27%7D%23hitcount%3D3%23timecreated%3D%7Bts%20%272023%2D11%2D13%2013%3A48%3A20%27%7D%23cftoken%3D33c6595dba9e3df%2DBD80D102%2DFDDF%2DFED5%2DFFB1F2629A1AA90D%23cfid%3D28406672%23
.nzherald.co.nz/	1970-01-20 16:10:38	Name: kw.session_ts Value: 1699836503499
.nzherald.co.nz/	1970-01-20 16:12:02	Name: kw.pv_session Value: 1
.tiktok.com/	1970-01-21 01:32:12	Name: _ttp Value: 2Y6CB9zMu9Gsfsz2fzBGXX7GviS
.nzherald.co.nz/	1970-01-20 16:10:38	Name: _sp_ses.7e39 Value: *
.nzherald.co.nz/	1970-01-21 01:32:12	Name: _sp_id.7e39 Value: 583779ef-3dcc-4b92-9801-24487aa2303d.1699836504.1.1699836504.1699836504.5a877cd1-c658-4286-a378-8526721919d5
.nzherald.co.nz/	1970-01-20 20:29:48	Name: nol_fpid Value: cpt1hvi0zfcgbo8hlp56zuabc9gjg1699836503\|1699836503768\|1699836503768\|1699836503768
.nzherald.co.nz/	1970-01-21 01:32:12	Name: _tt_enable_cookie Value: 1
.nzherald.co.nz/	1970-01-21 01:32:12	Name: _ttp Value: mwa9pbyEakvCUpgpZdFsW-2lPTx
.linkedin.com/	1970-01-20 18:20:12	Name: li_sugr Value: ccfd838a-8644-4c57-8ef7-7e0a9972f2d3
.linkedin.com/	1970-01-21 00:56:12	Name: bcookie Value: "v=2&b96b29f1-d3e4-4592-8886-07682e5c64d8"
.linkedin.com/	1970-01-20 16:12:02	Name: lidc Value: "b=TGST03:s=T:r=T:a=T:p=T:g=3088:u=1:x=1:i=1699836503:t=1699922903:v=2:sig=AQHc3fzbUOabJHZ1iOYBZnwXP0XJLqHd"
.imrworldwide.com/	1970-01-21 01:32:12	Name: IMRID Value: 596b5600-81be-11ee-b05e-4f1834214eb9
.nzherald.co.nz/	1970-01-20 18:20:12	Name: _fbp Value: fb.2.1699836503994.456693629
.linkedin.com/	1970-01-20 16:53:48	Name: UserMatchHistory Value: AQLrgNZRBGwOrgAAAYvGJqg0W314GyA11ERyngfzqu2Vh-2obr7UpDAzaM1ZFjoy2NBZ1h5Jir6-Rw
.linkedin.com/	1970-01-20 16:53:48	Name: AnalyticsSyncHistory Value: AQI2d428UFwHKAAAAYvGJqg0xdYwm2m7O7BpWlwrlHEoEHF0TM2fbTvbODtvIs87h0LDJVqzJuAJ73bboV-H5A
subscriptions.nzherald.co.nz/	1970-01-20 16:10:36	Name: dicbo_id Value: %7B%22dicbo_fetch%22%3A1699836504337%7D
.www.linkedin.com/	1970-01-21 00:56:12	Name: bscookie Value: "v=1&202311130048241b5d1147-d8b5-492f-886a-dc27dae1c78eAQHCdxvVL3l2NFnqdPTZjHBAyLooEpXj"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amplify.outbrain.com
analytics.tiktok.com
cdn-gl.imrworldwide.com
cdn.keywee.co
cdnjs.cloudflare.com
connect.facebook.net
pixel.keywee.co
px.ads.linkedin.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
skqehjzpvgmommd2qddcqq2beto3a1699836503.nuid.imrworldwide.com
snap.licdn.com
subscriptions.nzherald.co.nz
tr.outbrain.com
u7465594.ct.sendgrid.net
wave.outbrain.com
www.facebook.com
www.googletagmanager.com
www.linkedin.com
104.17.25.14
104.18.2.137
13.107.42.14
142.251.175.97
157.240.235.1
157.240.235.35
167.89.115.121
18.155.68.92
18.211.227.140
23.32.29.8
23.72.45.76
38.133.127.127
42.99.140.139
52.84.251.33
52.84.251.52
54.179.143.41
54.192.150.79
00404d04d56d2d21b20f480004486fbdba98cda64aa9d8f84cbea18fddcfaa96
051a8137b75880006ab58f47778ca713ed6c967130faba043c5cd0ed34517dc8
117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
22b464461c1d3b621c3f6fb5b678b6531ab0a704d0e1bd078ddd371b87473db0
294fbe577db1b30e931f51ae2f4a3b4fd0892e25b2ea713677ea9792e2cfb252
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
4265d147d3242210a8e98e1e7cb29010bd10d44e25c16e70da6867b7167cc03b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
54dc71796bfbf1f069559ddc33c2e8992efec541f621797a849d442a69822696
597195fa8c63b64bec76934345e3b6cd373101f922da756a00b352f720226dca
5b3086a886aa8649ecbf496ac913a1aa443926cd2fff610be2d136c9598bcd8b
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
62723060de0c92d89ec49f9b3bc1fd54b786111e8ad3451a6cf7ebc8553e7b74
6509b684df94ab81458a744e2922e191cb3c6b151ab2cd9f4358bcf31eafee98
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
702396fa67e7fa779ea932e7d7ed42ba81d454aa056ff3c9e2fd66495d89c313
7606958cb9770642dbafa00fa3762ee3138a45cd750e5c691d7eae0df7b6267c
899b480c61ba64c81eca25d7e37c963401ce6521586c6f42b20648597f20acbd
8ae5b95f24ba3bf0fa5b9b21ffca4ef8a683558ae0a4985abf835f7b71ad0579
8be8717aa347a02bca6136210673f22ab858eba5c1cc6b72b53d67fd49b03bd8
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
96e6731246cfde4cd5105d790052996db04eec608c271121d570d5aa77c7ad69
9bcd4d0f29dc6556ebeeff44eaa0965f0c7f7308ee58394708cce2f698cca1b0
9e824af4d022c7bbcc501d465ed55ed0fce60049624909af3e274839d224bd04
9faa386947b3d72304d57e8d6c5ea2b233efe5264c853264c89444160fe27094
a1d4b01843b9dad68a10bba7ab416fb60cbe6052a223f6bd74cbad286b812b2a
a6d2578d4fdc18fe38d29eaedfe794231daef24765f4763682ce05e4a93d7439
a6f3f0faea4b3d48e03176341bef0ed3151ffbf226d4c6635f1c6039c0500575
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c3c0ace4a895906a45b925ca9c5d13d7cc5ec2e1a549b7e1a852690fc38686d0
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c64855333ac21ac825ae1a0d77a47b49a7d3135a8ba14852cd25f06a798939d8
c6d603c605c9e07062ffeba7c47a81e19c4f8c05604c6474371f4ad8b654c758
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d29d84e698eb10452f97d8a6f249b73496beb844cef58e920e3832bd321d64a2
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e534628fcd18becf2ff8a81f1f287d441a6cbf4c72887df3568d106e1fba2f4a
f4faca8e5501f8ee1c2c920650bb2d133bb6603b69bd5f946cecfd1dfdb88e62
f9cceab3a20f0d6525e99a8bd13eec9a0706b78a276107891721c7e3ba09d8a6

subscriptions.nzherald.co.nz Open in urlscan Pro 104.18.2.137 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

51 Requests

96 %HTTPS

0 %IPv6

12 Domains

19 Subdomains

16 IPs

4 Countries

1208 kBTransfer

3516 kBSize

23 Cookies

1 Outgoing links

Page URL History

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

subscriptions.nzherald.co.nz Open in urlscan Pro
104.18.2.137 Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

96 %
HTTPS

0 %
IPv6

12
Domains

19
Subdomains

16
IPs

4
Countries

1208 kB
Transfer

3516 kB
Size

23
Cookies

51 HTTP transactions
0 data transactions