URL: https://origin.cairnspost.com.au/
Submission: On September 13 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 51 IPs in 6 countries across 45 domains to perform 172 HTTP transactions. The main IP is 192.0.66.40, located in United States and belongs to AUTOMATTIC, US. The main domain is origin.cairnspost.com.au.
TLS certificate: Issued by R3 on September 13th 2021. Valid for: 3 months.
This is the only time origin.cairnspost.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
13 192.0.66.40 2635 (AUTOMATTIC)
8 104.75.88.206 16625 (AKAMAI-AS)
14 199.232.137.44 54113 (FASTLY)
12 104.79.88.36 16625 (AKAMAI-AS)
2 52.95.134.46 16509 (AMAZON-02)
1 52.95.134.223 16509 (AMAZON-02)
2 199.232.137.181 54113 (FASTLY)
1 3 13.226.155.20 16509 (AMAZON-02)
1 172.67.214.69 13335 (CLOUDFLAR...)
4 104.75.88.194 16625 (AKAMAI-AS)
2 141.226.228.48 200478 (TABOOLA-AS)
8 104.79.88.147 16625 (AKAMAI-AS)
2 13.226.155.84 16509 (AMAZON-02)
1 13.226.158.134 16509 (AMAZON-02)
10 142.250.27.154 15169 (GOOGLE)
1 13.226.155.103 16509 (AMAZON-02)
1 13.226.155.27 16509 (AMAZON-02)
1 151.101.113.175 54113 (FASTLY)
1 13.226.155.52 16509 (AMAZON-02)
3 13.226.155.81 16509 (AMAZON-02)
2 23.55.163.58 20940 (AKAMAI-ASN1)
1 13.226.155.11 16509 (AMAZON-02)
12 54.186.191.156 16509 (AMAZON-02)
1 54.175.30.11 14618 (AMAZON-AES)
1 52.57.82.36 16509 (AMAZON-02)
1 9 142.250.102.155 15169 (GOOGLE)
3 52.213.111.123 16509 (AMAZON-02)
2 52.48.113.109 16509 (AMAZON-02)
1 13.226.155.43 16509 (AMAZON-02)
2 13.226.146.155 16509 (AMAZON-02)
1 142.250.102.97 15169 (GOOGLE)
1 104.79.88.141 16625 (AKAMAI-AS)
3 185.33.220.243 29990 (ASN-APPNEX)
2 4 185.33.221.53 29990 (ASN-APPNEX)
2 4 142.250.102.154 15169 (GOOGLE)
1 142.250.102.157 15169 (GOOGLE)
7 142.250.102.132 15169 (GOOGLE)
5 142.250.27.103 15169 (GOOGLE)
2 54.212.155.93 16509 (AMAZON-02)
1 1 54.194.191.134 16509 (AMAZON-02)
2 52.18.40.16 16509 (AMAZON-02)
9 54.162.236.216 14618 (AMAZON-AES)
1 1 46.228.164.13 56396 (AMOBEE)
1 69.173.144.139 26667 (RUBICONPR...)
2 2 13.248.242.197 16509 (AMAZON-02)
1 1 104.79.88.155 16625 (AKAMAI-AS)
1 3 104.79.88.202 16625 (AKAMAI-AS)
1 1 199.127.207.182 26120 (RHYTHMONE)
2 2 3.124.210.90 16509 (AMAZON-02)
1 1 54.90.48.240 14618 (AMAZON-AES)
1 108.128.170.1 16509 (AMAZON-02)
1 1 72.246.100.56 16625 (AKAMAI-AS)
8 8 151.101.114.49 54113 (FASTLY)
1 69.173.144.165 26667 (RUBICONPR...)
1 2 34.98.64.218 15169 (GOOGLE)
1 185.64.190.80 62713 (AS-PUBMATIC)
1 2 185.94.180.125 35220 (SPOTX-AMS)
1 185.60.216.35 32934 (FACEBOOK)
1 213.19.147.45 26120 (RHYTHMONE)
172 51
Apex Domain
Subdomains
Transfer
16 taboola.com
cdn.taboola.com
trc.taboola.com
am-trc-events.taboola.com
images.taboola.com
181 KB
15 adsafeprotected.com
cdn.adsafeprotected.com
pixel.adsafeprotected.com
static.adsafeprotected.com
dt.adsafeprotected.com
104 KB
14 doubleclick.net
securepubads.g.doubleclick.net
8228261.fls.doubleclick.net Failed
cm.g.doubleclick.net
163 KB
13 googlesyndication.com
pagead2.googlesyndication.com
26937d65f51c9f448fbb1f148ca99b9f.safeframe.googlesyndication.com Failed
tpc.googlesyndication.com
52 KB
13 cairnspost.com.au
origin.cairnspost.com.au
246 KB
12 demdex.net
dpm.demdex.net
newscorpau.demdex.net
16 KB
11 api.news
content.api.news
260 KB
9 everesttech.net
cm.everesttech.net
sync-tm.everesttech.net
2 KB
9 news.com.au
mhr.talk.news.com.au
tags.news.com.au
200 KB
8 adnxs.com
acdn.adnxs.com
secure.adnxs.com
ib.adnxs.com
8 KB
8 newscdn.com.au
resourcesssl.newscdn.com.au
81 KB
6 google.com
adservice.google.com
www.google.com
1 KB
6 imrworldwide.com
cdn-gl.imrworldwide.com
secure-sdk.imrworldwide.com
1mifg14gklvztimh6ruucxuzr206e1631576873.nuid.imrworldwide.com
66 KB
4 adsrvr.org
js.adsrvr.org
match.adsrvr.org
6 KB
4 tiqcdn.com
tags.tiqcdn.com
19 KB
3 casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
2 KB
3 serving-sys.com
secure-ds.serving-sys.com
bs.serving-sys.com
23 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
s3-ap-southeast-2.amazonaws.com
60 KB
2 spotxchange.com
sync.search.spotxchange.com
1 KB
2 openx.net
us-u.openx.net
470 B
2 krxd.net
usermatch.krxd.net
beacon.krxd.net
528 B
2 eyeota.net
ps.eyeota.net
1 KB
2 pubmatic.com
image5.pubmatic.com
image2.pubmatic.com
896 B
2 rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
453 B
2 omtrdc.net
newscorpau.sc.omtrdc.net
568 B
2 googletagservices.com
www.googletagservices.com
65 KB
2 vidora.com
assets.vidora.com
4 KB
2 perfectmarket.com
widget.perfectmarket.com
32 KB
1 1rx.io
sync.1rx.io
107 B
1 facebook.com
www.facebook.com
1 KB
1 bluekai.com
tags.bluekai.com
713 B
1 scanscout.com
dt.scanscout.com
692 B
1 turn.com
d.turn.com
402 B
1 google.de
adservice.google.de
853 B
1 googletagmanager.com
www.googletagmanager.com
39 KB
1 chartbeat.net
ping.chartbeat.net
201 B
1 hotjar.com
static.hotjar.com
344 B
1 kampyle.com
nebula-cdn.kampyle.com
1 KB
1 newscgp.com
au.tags.newscgp.com
48 KB
1 rlcdn.com
ats.rlcdn.com
61 KB
1 chartbeat.com
static.chartbeat.com
23 KB
1 fontawesome.com
use.fontawesome.com
12 KB
0 googleadservices.com Failed
www.googleadservices.com Failed
0 mookie1.com Failed
au-gmtdmp.mookie1.com Failed
172 45
Domain Requested by
13 origin.cairnspost.com.au origin.cairnspost.com.au
11 dpm.demdex.net tags.news.com.au
origin.cairnspost.com.au
11 content.api.news origin.cairnspost.com.au
10 securepubads.g.doubleclick.net tags.tiqcdn.com
securepubads.g.doubleclick.net
origin.cairnspost.com.au
www.googletagservices.com
9 dt.adsafeprotected.com origin.cairnspost.com.au
9 cdn.taboola.com origin.cairnspost.com.au
cdn.taboola.com
8 sync-tm.everesttech.net 8 redirects
8 tags.news.com.au tags.tiqcdn.com
au.tags.newscgp.com
8 resourcesssl.newscdn.com.au origin.cairnspost.com.au
7 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
5 www.google.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 cm.g.doubleclick.net 3 redirects
4 ib.adnxs.com 2 redirects origin.cairnspost.com.au
4 tags.tiqcdn.com origin.cairnspost.com.au
tags.tiqcdn.com
4 trc.taboola.com cdn.taboola.com
origin.cairnspost.com.au
3 secure.adnxs.com origin.cairnspost.com.au
3 pixel.adsafeprotected.com cdn.adsafeprotected.com
origin.cairnspost.com.au
3 cdn-gl.imrworldwide.com tags.news.com.au
cdn-gl.imrworldwide.com
3 sb.scorecardresearch.com 1 redirects cdn.taboola.com
origin.cairnspost.com.au
2 sync.search.spotxchange.com 1 redirects
2 us-u.openx.net 1 redirects
2 ps.eyeota.net 2 redirects
2 ssum.casalemedia.com 1 redirects
2 match.adsrvr.org 2 redirects
2 static.adsafeprotected.com pixel.adsafeprotected.com
origin.cairnspost.com.au
2 newscorpau.sc.omtrdc.net tags.news.com.au
origin.cairnspost.com.au
2 www.googletagservices.com securepubads.g.doubleclick.net
2 js.adsrvr.org secure-ds.serving-sys.com
2 secure-sdk.imrworldwide.com origin.cairnspost.com.au
2 secure-ds.serving-sys.com tags.tiqcdn.com
secure-ds.serving-sys.com
2 assets.vidora.com origin.cairnspost.com.au
assets.vidora.com
2 am-trc-events.taboola.com origin.cairnspost.com.au
2 widget.perfectmarket.com cdn.taboola.com
widget.perfectmarket.com
1 sync.1rx.io
1 www.facebook.com
1 image2.pubmatic.com
1 dsum-sec.casalemedia.com
1 pixel.rubiconproject.com
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 dt.scanscout.com 1 redirects
1 image5.pubmatic.com 1 redirects
1 token.rubiconproject.com
1 d.turn.com 1 redirects
1 cm.everesttech.net 1 redirects
1 newscorpau.demdex.net tags.news.com.au
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.de securepubads.g.doubleclick.net
1 acdn.adnxs.com origin.cairnspost.com.au
1 www.googletagmanager.com secure-ds.serving-sys.com
1 1mifg14gklvztimh6ruucxuzr206e1631576873.nuid.imrworldwide.com origin.cairnspost.com.au
1 bs.serving-sys.com secure-ds.serving-sys.com
1 ping.chartbeat.net origin.cairnspost.com.au
1 cdn.adsafeprotected.com tags.news.com.au
1 static.hotjar.com tags.tiqcdn.com
1 nebula-cdn.kampyle.com tags.tiqcdn.com
1 au.tags.newscgp.com tags.tiqcdn.com
1 ats.rlcdn.com tags.tiqcdn.com
1 static.chartbeat.com tags.tiqcdn.com
1 images.taboola.com origin.cairnspost.com.au
1 mhr.talk.news.com.au origin.cairnspost.com.au
1 use.fontawesome.com cdn.taboola.com
1 s3-ap-southeast-2.amazonaws.com origin.cairnspost.com.au
1 news-networkeditorial.s3-ap-southeast-2.amazonaws.com origin.cairnspost.com.au
1 news-networkeditorial.s3.ap-southeast-2.amazonaws.com origin.cairnspost.com.au
0 www.googleadservices.com Failed www.googletagmanager.com
0 26937d65f51c9f448fbb1f148ca99b9f.safeframe.googlesyndication.com Failed securepubads.g.doubleclick.net
0 au-gmtdmp.mookie1.com Failed origin.cairnspost.com.au
0 8228261.fls.doubleclick.net Failed origin.cairnspost.com.au
172 71

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net
www.google.com
Subject Issuer Validity Valid
origin.cairnspost.com.au
R3
2021-09-13 -
2021-12-12
3 months crt.sh
news.com.au
GeoTrust RSA CA 2018
2021-04-09 -
2022-04-13
a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-25 -
2021-12-26
a year crt.sh
*.s3-ap-southeast-2.amazonaws.com
DigiCert Baltimore CA-2 G2
2021-06-23 -
2022-07-24
a year crt.sh
widget.perfectmarket.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
*.scorecardresearch.com
Amazon
2021-02-28 -
2022-03-29
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-07-07 -
2022-07-06
a year crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA
2021-04-19 -
2022-04-27
a year crt.sh
*.vidora.com
Amazon
2021-03-12 -
2022-04-10
a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018
2021-05-20 -
2022-06-03
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2021-02-25 -
2022-03-28
a year crt.sh
au.tags.newscgp.com
Amazon
2021-01-25 -
2022-02-22
a year crt.sh
*.kampyle.com
GlobalSign Atlas R3 DV TLS CA 2020
2021-03-22 -
2022-04-23
a year crt.sh
*.hotjar.com
Amazon
2020-12-25 -
2022-01-23
a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1
2021-01-28 -
2022-02-01
a year crt.sh
secure-ds.serving-sys.com
DigiCert SHA2 Secure Server CA
2021-04-28 -
2022-05-03
a year crt.sh
*.adsafeprotected.com
Amazon
2021-07-21 -
2022-08-19
a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1
2020-12-02 -
2022-01-02
a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018
2020-12-01 -
2021-12-30
a year crt.sh
bs.serving-sys.com
Amazon
2021-05-10 -
2022-06-08
a year crt.sh
fw.adsafeprotected.com
Amazon
2021-08-11 -
2022-09-09
a year crt.sh
*.nuid.imrworldwide.com
Amazon
2021-06-11 -
2022-07-10
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2021-03-18 -
2022-04-19
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018
2021-03-11 -
2022-02-07
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.google.de
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.google.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
www.google.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA
2020-10-29 -
2021-11-29
a year crt.sh
static.adsafeprotected.com
Amazon
2021-01-06 -
2022-02-04
a year crt.sh
dt.adsafeprotected.com
Amazon
2021-04-22 -
2022-05-21
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-03-30 -
2022-04-04
a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018
2021-02-05 -
2022-02-09
a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1
2021-01-13 -
2022-01-07
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2021-07-08 -
2022-08-08
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2020-12-07 -
2021-12-14
a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018
2021-04-08 -
2022-05-09
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-07-20 -
2021-10-18
3 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA
2021-06-01 -
2022-07-02
a year crt.sh

This page contains 16 frames:

Primary Page: https://origin.cairnspost.com.au/
Frame ID: 0079D26C80EC2CE84DA1133B3646A0A4
Requests: 130 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 14F533980E219A4CD01ADCADD617523C
Requests: 3 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 947131DBDE96CEB9E7D29B1FBD73A665
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-842636754
Frame ID: 8124D2108BA1BFC9F497910F0F5D950F
Requests: 2 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: 5F4E69676CCAA5DE4B2BB8E0522D627C
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: A56B2C0D8E51E6B060DC22BB58C7E0A7
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CL_o_7-R_fICFXEQiwodF-8Cmg;src=8228261;type=invmedia;cat=newsc011;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3542778638559.454
Frame ID: 71E1278F6EFA2EFBD9BCD21556C1C888
Requests: 1 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CPDk_7-R_fICFfOBgwcdhb4Icg;src=8228261;type=invmedia;cat=newsc017;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4211117518018.8164
Frame ID: 9966D8E39852200945C89A4E55DDB498
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296522&src.rand=[timestamp]
Frame ID: 235A1138137D39960BEA89C4D9F78F26
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/px?id=879171&seg=9702353&t=2
Frame ID: 9CA2493B06A538E63DA514403BDF2A9A
Requests: 1 HTTP requests in this frame

Frame: https://26937d65f51c9f448fbb1f148ca99b9f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6CBEDA0A9CF265E06D8683250E62DC79
Requests: 1 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=208818551&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1996456917&custom=homepage&custom3=168402071&adsafe_par&impId=03750d06-14ed-11ec-9a61-0ab32f77e5b0
Frame ID: 1014D838A3872F1C6EFD8A218C812EEB
Requests: 2 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: F0B8FE117BC7AB4BA5C108548D1AA054
Requests: 22 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: C637BCA1C864C0F0C03A6B11CB55503B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: A040B94CCC0F67F9028DA9037F777C7E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4221A998F989FD1359D4ACE9622AFD1E
Requests: 2 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • /prebid\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • serving-sys\.com/

Overall confidence: 100%
Detected patterns
  • ^(?:https?:)?//tags\.tiqcdn\.com/

Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

172
Requests

97 %
HTTPS

0 %
IPv6

45
Domains

71
Subdomains

51
IPs

6
Countries

1777 kB
Transfer

4824 kB
Size

54
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1631576872786&ns_c=UTF-8&cv=3.5&c8=The%20Cairns%20Post%20%7C%20Breaking%20News%20and%20Headlines%20from%20Cairns%20and%20Far%20North%20Queensland%20%7C%20Cairns%20Post&c7=https%3A%2F%2Forigin.cairnspost.com.au%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631576872786&ns_c=UTF-8&cv=3.5&c8=The%20Cairns%20Post%20%7C%20Breaking%20News%20and%20Headlines%20from%20Cairns%20and%20Far%20North%20Queensland%20%7C%20Cairns%20Post&c7=https%3A%2F%2Forigin.cairnspost.com.au%2F&c9=
Request Chain 93
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc011;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3542778638559.454 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CL_o_7-R_fICFXEQiwodF-8Cmg;src=8228261;type=invmedia;cat=newsc011;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3542778638559.454
Request Chain 94
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc017;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4211117518018.8164 HTTP 302
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPDk_7-R_fICFfOBgwcdhb4Icg;src=8228261;type=invmedia;cat=newsc017;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4211117518018.8164
Request Chain 125
  • https://cm.everesttech.net/cm/dd?d_uuid=03031603146135500763302554525253418818 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YT-jKgAAAEc0DQQE
Request Chain 134
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=8185407176802128549
Request Chain 136
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4428154673489464949
Request Chain 141
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDMwMzE2MDMxNDYxMzU1MDA3NjMzMDI1NTQ1MjUyNTM0MTg4MTg= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDMwMzE2MDMxNDYxMzU1MDA3NjMzMDI1NTQ1MjUyNTM0MTg4MTg=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=&google_error=3?gdpr=0&gdpr_consent=
Request Chain 145
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=d6a0f836-cad7-45b3-8aed-4a7f396d966e
Request Chain 147
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
Request Chain 153
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
Request Chain 155
  • https://dt.scanscout.com/ssframework/uid?UIAA=03031603146135500763302554525253418818&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-aceb5ffec11ec2b3cf195f9251e7511a
Request Chain 156
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=03031603146135500763302554525253418818&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=03031603146135500763302554525253418818&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=22N8lbDzZHOAaM_jAdAjI-_4-YryH6EUJUu3Ebi5BB_U
Request Chain 157
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=03031603146135500763302554525253418818 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=03031603146135500763302554525253418818
Request Chain 158
  • https://tags.bluekai.com/site/43981?id=03031603146135500763302554525253418818&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Request Chain 159
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVQtaktnQUFBRWMwRFFRRQ== HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVQtaktnQUFBRWMwRFFRRQ==&google_tc=
Request Chain 161
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YT-jKgAAAEc0DQQE&expires=90
Request Chain 162
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YT-jKgAAAEc0DQQE
Request Chain 163
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://ib.adnxs.com/setuid?entity=158&code=YT-jKgAAAEc0DQQE
Request Chain 164
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YT-jKgAAAEc0DQQE HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YT-jKgAAAEc0DQQE
Request Chain 165
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YT-jKgAAAEc0DQQE
Request Chain 166
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YT-jKgAAAEc0DQQE&img=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YT-jKgAAAEc0DQQE&img=1&__user_check__=1&sync_id=057a3cde-14ed-11ec-b535-1a404fd50106
Request Chain 167
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YT-jKgAAAEc0DQQE&t=2592000&o=0

172 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
origin.cairnspost.com.au/
407 KB
72 KB
Document
General
Full URL
https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
c90a20bb2cca8d1c2f1107c4025db7beadcf1d6dbcbf387f42d43351725f70f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Request headers

:method
GET
:authority
origin.cairnspost.com.au
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

server
nginx
date
Mon, 13 Sep 2021 23:47:52 GMT
content-type
text/html; charset=UTF-8
content-length
73487
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
host-header
a9130478a60e5f9135f765b23f26593b
edge-cache-tag
e4b3c00f8decf2b789f3538a30b01b9d
x-content-type-options
nosniff
x-xss-protection
1
link
<https://origin.cairnspost.com.au/wp-json/>; rel="https://api.w.org/"
content-encoding
gzip
x-rq
hhn1 0 4 9980
cache-control
max-age=300, must-revalidate
age
25
x-cache
hit
vary
Accept-Encoding
accept-ranges
bytes
charter_bold.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
11 KB
12 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold.woff2
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf

Request headers

Referer
https://origin.cairnspost.com.au/
Origin
https://origin.cairnspost.com.au
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
03A09A05F9B00284
etag
"c4ced7adf03d84494a6c1da275896d38"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=566868
accept-ranges
bytes
content-length
11472
x-amz-id-2
7SgQOtE5DXd+yw+muGSpBKQgUFNdC0N34VLuVoyrpGsNX+GQQMChOOxitD5N1YsghRlU3RgeUFw=
expires
Mon, 20 Sep 2021 13:15:40 GMT
charter_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
12 KB
12 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_italic.woff2
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec

Request headers

Referer
https://origin.cairnspost.com.au/
Origin
https://origin.cairnspost.com.au
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
D2D8C5FED1731C4D
etag
"ad24be3fafec705de20c00e56afe05ae"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=82593
accept-ranges
bytes
content-length
12052
x-amz-id-2
F9ZHKgAnBk09tWfFGtJVkR2NpeEYeYl5A6ryw0e+c/gLQAp04Rx16nC+dsFJTTAPIb4D0qyY0Bg=
expires
Tue, 14 Sep 2021 22:44:25 GMT
charter_bold_italic.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
12 KB
12 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_bold_italic.woff2
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971

Request headers

Referer
https://origin.cairnspost.com.au/
Origin
https://origin.cairnspost.com.au
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
EE3D21683166F96F
etag
"da48b0752549dabb4675d82412c9cd2d"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=535605
accept-ranges
bytes
content-length
12440
x-amz-id-2
BGzA4H6MhiNFsVMRHnDid7w0RneCV9f+L69FdEMmbqtC5J6BXqShCVeo7uP6Jum7BVtWfb2VAeI=
expires
Mon, 20 Sep 2021 04:34:37 GMT
charter_regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
11 KB
11 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/charter_regular.woff2
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0

Request headers

Referer
https://origin.cairnspost.com.au/
Origin
https://origin.cairnspost.com.au
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Fri, 25 Sep 2020 03:04:51 GMT
server
AmazonS3
x-amz-request-id
4N2W2Y6HDY8Z3Q2W
etag
"29e85ea235248e0a7761df4fe6643e1a"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=134821
accept-ranges
bytes
content-length
11372
x-amz-id-2
Z1HhaEEhR+4SW45rFV+SZJ/QiklrgDUhrbvWmFxzzpa1Kifm2MvbbI9Ateo09sYRHNLYlfgsmGM=
expires
Wed, 15 Sep 2021 13:14:53 GMT
css-metro-desktop-lazy.css
origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/
55 B
183 B
Stylesheet
General
Full URL
https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
origin.cairnspost.com.au
referer
https://origin.cairnspost.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
x-rq
hhn1 0 4 9980
last-modified
Mon, 13 Sep 2021 03:42:49 GMT
server
nginx
age
0
etag
"613ec8b9-37"
x-cache
miss
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
55
expires
Tue, 13 Sep 2022 23:47:52 GMT
loader.js
cdn.taboola.com/libtrc/newscorpau-aud-cairnspost/
256 KB
35 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/newscorpau-aud-cairnspost/loader.js
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6744fdcb8927b9f648125e62eaf67dead7b48a34fdb41c063b37ce81ee914da3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
IdYxH8k4Qf3IrD.PzmIMNY9deG.bE6ZQ
content-encoding
gzip
etag
"b8b895ad5f460ce2149be81b862c4106"
age
0
x-cache
HIT
content-length
34971
x-amz-id-2
q2K0CkGoruMbD5LjbHg/7QzX+rNZmilb2bwXMSKm5zBFJVwoDvqJTKwRvoHwWU0YJfObUv8uJaE=
x-served-by
cache-hhn11530-HHN
last-modified
Mon, 13 Sep 2021 08:53:33 GMT
server
AmazonS3
x-timer
S1631576872.379192,VS0,VE106
date
Mon, 13 Sep 2021 23:47:52 GMT
vary
Accept-Encoding
x-amz-request-id
Y91NJPA1AP3CM397
via
1.1 varnish
cache-control
private,max-age=14401
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
87
x-cache-hits
1
cairnspost.svg
origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/
9 KB
3 KB
Image
General
Full URL
https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/cairnspost.svg
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7bc8d4813d2e392ce29978b9a0daa384be58a6e53fb39409fa3df96f533b9396

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/images/logos/cairnspost.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
origin.cairnspost.com.au
referer
https://origin.cairnspost.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
content-encoding
gzip
x-rq
hhn1 0 4 9980
last-modified
Mon, 13 Sep 2021 03:33:54 GMT
server
nginx
age
0
etag
W/"613ec6a2-223f"
vary
Accept-Encoding
x-cache
miss
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 23:47:52 GMT
e2bfd996e09262af002b4e96360dcfd6
content.api.news/v3/images/bin/
93 KB
94 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/e2bfd996e09262af002b4e96360dcfd6?width=1024
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
f77c5875446869d217093be35007de65b6511aa76ce2bce5214c8754225d42c1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag
e2bfd996e09262af002b4e96360dcfd6
date
Mon, 13 Sep 2021 23:47:52 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
b88447c57074cb53238d08c9eaf8b412-e2bfd996e09262af002b4e96360dcfd6-1024
x-serial
632
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5171100
last-modified
Mon, 13 Sep 2021 20:13:36 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
95455
expires
Fri, 12 Nov 2021 20:12:52 GMT
5aa50ca9c9e66aa44c07b57b9547abe1
content.api.news/v3/images/bin/
64 KB
64 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/5aa50ca9c9e66aa44c07b57b9547abe1?width=650
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
b112612e264f3d98b0abb697188c6910a8584bb6fff35e1ac2229e96936e4504

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag
5aa50ca9c9e66aa44c07b57b9547abe1
date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Mon, 13 Sep 2021 19:04:34 GMT
server
Akamai Image Manager
etag
f3173aa10492f4b7b98553008c5e8029-5aa50ca9c9e66aa44c07b57b9547abe1-650
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5167114
access-control-allow-headers
x-newsapi-api-key
content-length
65232
expires
Fri, 12 Nov 2021 19:06:26 GMT
e5c366176abe7240507899b202f57143
content.api.news/v3/images/bin/
5 KB
5 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/e5c366176abe7240507899b202f57143?width=150
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
10d3af8b76d426226f494942ac4ea6d2ab907168f10f3801023b0af1516fd0c7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag
e5c366176abe7240507899b202f57143
date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Mon, 13 Sep 2021 19:01:41 GMT
server
Akamai Image Manager
etag
b6bbfe2d3666b8abfa561f2a5477ecc9-e5c366176abe7240507899b202f57143-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5166796
access-control-allow-headers
x-newsapi-api-key
content-length
4704
expires
Fri, 12 Nov 2021 19:01:08 GMT
5ddc4747aae8de4e5e79e66b7b3d1c06
content.api.news/v3/images/bin/
4 KB
4 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/5ddc4747aae8de4e5e79e66b7b3d1c06?width=150
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
727d3b20fbde4e8da6e45309a21a2d17ad3f40f26b9ed4c4340b8bb8ecc4854f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag
5ddc4747aae8de4e5e79e66b7b3d1c06
date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Mon, 13 Sep 2021 19:36:57 GMT
server
Akamai Image Manager
etag
c19d8ee0424816980ee33680ee783722-5ddc4747aae8de4e5e79e66b7b3d1c06-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5168976
access-control-allow-headers
x-newsapi-api-key
content-length
3614
expires
Fri, 12 Nov 2021 19:37:28 GMT
45c946d43c1a25185aa6d8f9bbe85145
content.api.news/v3/images/bin/
5 KB
5 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/45c946d43c1a25185aa6d8f9bbe85145?width=150
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
280f6a0b839e45e9d74aece7fbe7b8725a1e0458af20276b75fd9ba1e18cbfad

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag
45c946d43c1a25185aa6d8f9bbe85145
date
Mon, 13 Sep 2021 23:47:53 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
8498a807f74ee739d677c5b28ac7d92d-45c946d43c1a25185aa6d8f9bbe85145-150
x-serial
359
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5183594
last-modified
Mon, 13 Sep 2021 23:40:14 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
5199
expires
Fri, 12 Nov 2021 23:41:07 GMT
b3695b3e5e7d9289fd1021a1df4faf06
content.api.news/v3/images/bin/
5 KB
5 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/b3695b3e5e7d9289fd1021a1df4faf06?width=150
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
4e655f2bdec7a6c4b8013bc3567770463f4af011bac7bb1248ecbc5a8e39bc94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag
b3695b3e5e7d9289fd1021a1df4faf06
date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Mon, 13 Sep 2021 08:49:08 GMT
server
Akamai Image Manager
etag
cb91b1ce7dd592c19e3bec3a080a56fa-b3695b3e5e7d9289fd1021a1df4faf06-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5130107
access-control-allow-headers
x-newsapi-api-key
content-length
4715
expires
Fri, 12 Nov 2021 08:49:39 GMT
feb5d54f323f751f22d43e118abe3d0c
content.api.news/v3/images/bin/
25 KB
26 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/feb5d54f323f751f22d43e118abe3d0c?width=650
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
33f720ff5aefaaa32549928797c687c4435d2db05dee14097c2c06cb34c6dd1b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag
feb5d54f323f751f22d43e118abe3d0c
date
Mon, 13 Sep 2021 23:47:52 GMT
x-check-cacheable
YES
server
Akamai Image Manager
etag
ede4fd2bc4245173548511c7b67631d8-feb5d54f323f751f22d43e118abe3d0c-650
x-serial
1173
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5181554
last-modified
Mon, 13 Sep 2021 23:06:54 GMT
access-control-allow-headers
x-newsapi-api-key
content-length
26084
expires
Fri, 12 Nov 2021 23:07:06 GMT
74e74e687a063be66191a5f674ec8e98
content.api.news/v3/images/bin/
39 KB
39 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/74e74e687a063be66191a5f674ec8e98?width=650
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9b0a6422cc5bbe24d1ca3574c4bd87943b688594b5dd51a34f828fde41c3a2e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag
74e74e687a063be66191a5f674ec8e98
date
Mon, 13 Sep 2021 23:47:54 GMT
last-modified
Mon, 13 Sep 2021 19:19:20 GMT
server
Akamai Image Manager
etag
a5f3c794dd48a2da686c3ed99479b8dc-74e74e687a063be66191a5f674ec8e98-650
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5167968
access-control-allow-headers
x-newsapi-api-key
content-length
39960
expires
Fri, 12 Nov 2021 19:20:42 GMT
1508508244_National-Rewards-September-2021-Campaign_Digital_Aus-Wine-BOB.jpg
origin.cairnspost.com.au/wp-content/uploads/2021/09/
89 KB
89 KB
Image
General
Full URL
https://origin.cairnspost.com.au/wp-content/uploads/2021/09/1508508244_National-Rewards-September-2021-Campaign_Digital_Aus-Wine-BOB.jpg
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
daae2ab4fc393f578c58eac1904b85466f51f9077c7f42467e2d0e566a32100c

Request headers

:path
/wp-content/uploads/2021/09/1508508244_National-Rewards-September-2021-Campaign_Digital_Aus-Wine-BOB.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
origin.cairnspost.com.au
referer
https://origin.cairnspost.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
x-rq
hhn1 109 30 443
last-modified
Sun, 12 Sep 2021 23:17:07 GMT
server
nginx
etag
"d4277007219a2e77"
x-cache
HIT
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
91076
expires
Tue, 13 Sep 2022 15:12:59 GMT
BOB_Image_350x197_GENERIC-5.png
origin.cairnspost.com.au/wp-content/uploads/2021/09/
48 KB
48 KB
Image
General
Full URL
https://origin.cairnspost.com.au/wp-content/uploads/2021/09/BOB_Image_350x197_GENERIC-5.png
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
7f980ffcfddfbb4055da9bda5186257486054907e98eb4d3718062948138d73d

Request headers

:path
/wp-content/uploads/2021/09/BOB_Image_350x197_GENERIC-5.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
origin.cairnspost.com.au
referer
https://origin.cairnspost.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
x-rq
hhn1 109 139 443
last-modified
Wed, 08 Sep 2021 02:11:12 GMT
server
nginx
etag
"55e501416d055d5e"
x-cache
HIT
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
49380
expires
Thu, 08 Sep 2022 05:08:29 GMT
rea-logo.png
news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/
28 KB
28 KB
Image
General
Full URL
https://news-networkeditorial.s3.ap-southeast-2.amazonaws.com/bob/images/rea-logo.png
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.46 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 23:47:54 GMT
Last-Modified
Thu, 09 Sep 2021 21:17:00 GMT
Server
AmazonS3
x-amz-request-id
Y5FT8N1VMPDFEB1B
ETag
"731035d55715734eff2f2a0f9afb31e7"
Content-Type
image/png
x-amz-version-id
fJFk.rSD7m0my1Uc67iV0dc4uKOxz4yR
Accept-Ranges
bytes
Content-Length
28648
x-amz-id-2
G+0/DtgonBqWHIlxgFYo5N0CgIYTB1qrlgMXWNPjELqQgEiVSJtFaitVBX+SWO/Mc2GrOQPYdtI=
horoscopes.svg
news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/
9 KB
9 KB
Image
General
Full URL
https://news-networkeditorial.s3-ap-southeast-2.amazonaws.com/bob/images/horoscopes.svg
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.46 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 23:47:54 GMT
Last-Modified
Thu, 05 Nov 2020 03:40:33 GMT
Server
AmazonS3
x-amz-request-id
Y5FP3EBB6BY4MRRY
ETag
"e9dc4230a2305a0cb7743e2ade763349"
Content-Type
image/svg+xml
x-amz-version-id
NaxMYGcYiBqyljIpDSJQNqEzm8yfC62_
Accept-Ranges
bytes
Content-Length
9223
x-amz-id-2
/eo5TGwwDuocNdOt+3WO6bqknrHPEJ+TguccFJDBRTwrUuPOzWZKISIdvzHc8ISe0rB17P0abGk=
NCCP_thumb.jpg
s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/
22 KB
22 KB
Image
General
Full URL
https://s3-ap-southeast-2.amazonaws.com/t3-resources/prod/publications/smedia/NEWSCORPTITLES/NCCP_thumb.jpg
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.134.223 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
7d72217c28ca528df7dfe7073878980a7dcb2410cfe8001b5b0e61fb283591d7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 23:47:54 GMT
Last-Modified
Mon, 13 Sep 2021 16:02:37 GMT
Server
AmazonS3
x-amz-request-id
Y5FKEZW46EQWXDZF
ETag
"7c0e4c9fa104b1f0073cecdb99510deb"
x-amz-meta-sha256
7d72217c28ca528df7dfe7073878980a7dcb2410cfe8001b5b0e61fb283591d7
x-amz-version-id
HuIA42VL3IYc5lJdqffAqtgtKhSn9OCf
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
22398
x-amz-id-2
2dQEf/r+s+mNyyohmlQJYCeNrYnOpzspQe9oSuuwmmqvKAffr67koANxrpcHnj/i++9Dv5Ge36g=
x-amz-meta-s3b-last-modified
20210913T145540Z
cairnspost-white.svg
origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/
9 KB
3 KB
Image
General
Full URL
https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/images/logos/cairnspost-white.svg
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
28fafae3e9ce51dacaa2e2e77922dcc08ddd15bb4d1ed3e2af9d3f6e2deead02

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/images/logos/cairnspost-white.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
origin.cairnspost.com.au
referer
https://origin.cairnspost.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
content-encoding
gzip
x-rq
hhn1 0 4 9980
last-modified
Mon, 13 Sep 2021 03:33:54 GMT
server
nginx
age
0
etag
W/"613ec6a2-235f"
vary
Accept-Encoding
x-cache
miss
content-type
image/svg+xml
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 23:47:52 GMT
js-critical-desktop.js
origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
6 KB
3 KB
Script
General
Full URL
https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9014d66103b5392d1b4c6f06bae251c17ddb595cdfe900dea5315ab98808e808

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
origin.cairnspost.com.au
referer
https://origin.cairnspost.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
content-encoding
gzip
x-rq
hhn1 0 4 9980
last-modified
Mon, 13 Sep 2021 03:42:49 GMT
server
nginx
age
0
etag
W/"613ec8b9-191e"
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 23:47:52 GMT
title-arrow.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/
540 B
860 B
Image
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow.svg
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Wed, 16 Sep 2020 23:56:43 GMT
server
AmazonS3
x-amz-request-id
4R7K4V2MCP8N6R9R
etag
"4d7595f832e4962b83a9428c3723233b"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=367185
accept-ranges
bytes
content-length
540
x-amz-id-2
yFp+J8podmJKYyKRfQ/R6sCdmNKmc7oSxu2WJJo8l7sTrFyLYOhTILB0ssSzjaQiADalzLa82Ug=
expires
Sat, 18 Sep 2021 05:47:37 GMT
title-arrow-white.svg
resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/
535 B
856 B
Image
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/images/icons/title-arrow-white.svg
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Thu, 17 Sep 2020 00:28:25 GMT
server
AmazonS3
x-amz-request-id
BX6X5G9GEK1G9M4M
etag
"b0f5ec7455ded53e84de4fee006a5110"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=186553
accept-ranges
bytes
content-length
535
x-amz-id-2
DaJA+c3KcMZ/NSCnfYFtodFhl20AOf2rAAm9dMwdtqM4FPtgkxYVKxyt+50eW/YJb1+mPpYz97g=
expires
Thu, 16 Sep 2021 03:37:05 GMT
source-sans-pro-regular.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
16 KB
16 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-regular.woff2
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199

Request headers

Referer
https://origin.cairnspost.com.au/
Origin
https://origin.cairnspost.com.au
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Tue, 01 Sep 2020 04:31:33 GMT
server
AmazonS3
x-amz-request-id
34B4778288C88CAA
etag
"899c8f78ce650d4009d42443897aa723"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=234877
accept-ranges
bytes
content-length
16112
x-amz-id-2
0V9i/JC3jV0uO9z1+RHGizGZNe8ea4s0M3lvOab3o97ikLfxhLYoNjWrU3t9GbdAE8O37bCHHcA=
expires
Thu, 16 Sep 2021 17:02:29 GMT
source-sans-pro-600.woff2
resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/
16 KB
16 KB
Font
General
Full URL
https://resourcesssl.newscdn.com.au/cs/ts2020/assets/fonts/source-sans-pro-600.woff2
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.206 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-206.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309

Request headers

Referer
https://origin.cairnspost.com.au/
Origin
https://origin.cairnspost.com.au
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Tue, 22 Sep 2020 06:30:09 GMT
server
AmazonS3
x-amz-request-id
B9F079BFD69B8BC1
etag
"c85615b296302af51e683eecb5e371d4"
access-control-allow-methods
GET,POST
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=539669
accept-ranges
bytes
content-length
15948
x-amz-id-2
DPCyCCKT0juTREQMOkBTQL82bK8sJ1cHlMUrULDEc9V9ZluCRM4RuSFSdOhDVMhG9DNYyK1s4MM=
expires
Mon, 20 Sep 2021 05:42:21 GMT
load.js
widget.perfectmarket.com/newscorpau-aud-cairnspost/
3 KB
2 KB
Script
General
Full URL
https://widget.perfectmarket.com/newscorpau-aud-cairnspost/load.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-cairnspost/loader.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.137.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d5be2c218afb1967771279fae48c65ed29101f2b91b51933e0aacba437a34a29

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
qO03E_1FBk.vVlskFOkStEE45D2AUB7V
content-encoding
gzip
etag
"f1467e687de98daf71e2247dec10989c"
age
0
x-cache
HIT, MISS
content-length
1216
x-amz-id-2
V04TMHk4hEiaiSVpHbk4ovaB+AfZqllK3ItYusONcpNX7jX2LWkCmbXsEpYFlTTzLjas7Oz38Tc=
x-served-by
cache-sna10721-LGB, cache-hhn11545-HHN
last-modified
Thu, 09 Apr 2020 05:57:42 GMT
server
AmazonS3
x-timer
S1631576873.691023,VS0,VE298
date
Mon, 13 Sep 2021 23:47:52 GMT
vary
Accept-Encoding,,
x-amz-request-id
A0Z5YSKR1VQ00EX6
via
1.1 varnish, 1.1 varnish
cache-control
max-age=300
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 0
impl.20210913-4-RELEASE.js
cdn.taboola.com/libtrc/
527 KB
117 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20210913-4-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-cairnspost/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aeafd28221cbbba478a0b1211f707f5699ce15f2eb7e4c853a3cf5dca161b74b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
ZUc5N.f3Ls1Ey4sL0viT3T7NbCWj01dy
content-encoding
br
etag
"99baa46aa4040b46d9319c933e58003e"
age
25634
x-cache
HIT
content-length
119467
x-amz-id-2
Jb38WjUDn7duPqE9SbWPbBU+Yk7gUXZGKvNYQF0DA/YODc9M1kFjr1INVsFtXsw5CyItS/vUliU=
x-served-by
cache-hhn11530-HHN
last-modified
Mon, 13 Sep 2021 08:39:53 GMT
server
AmazonS3-br
x-timer
S1631576873.546199,VS0,VE0
date
Mon, 13 Sep 2021 23:47:52 GMT
vary
Accept-Encoding
x-amz-request-id
FYTV302V3JVY06T2
via
1.1 varnish
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
application/javascript
abp
22
x-cache-hits
161115
beacon.js
sb.scorecardresearch.com/
1 KB
1 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-cairnspost/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-20.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 13:35:49 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
122661
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
TK6cc6_QNMEUK0Q7PTt3UZEsCB0h2EQwgCA6bWFlS9rWzfrLo45hNw==
css-metro-desktop-lazy.css
origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/
55 B
95 B
Stylesheet
General
Full URL
https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=15
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css?v=15
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
origin.cairnspost.com.au
referer
https://origin.cairnspost.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
x-rq
hhn1 0 4 9980
last-modified
Mon, 13 Sep 2021 03:42:49 GMT
server
nginx
age
0
etag
"613ec8b9-37"
x-cache
miss
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
55
expires
Tue, 13 Sep 2022 23:47:52 GMT
rampart.js
origin.cairnspost.com.au/remote/identity/rampart/latest/
0
0
Script
General
Full URL
https://origin.cairnspost.com.au/remote/identity/rampart/latest/rampart.js
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:path
/remote/identity/rampart/latest/rampart.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
origin.cairnspost.com.au
referer
https://origin.cairnspost.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
content-encoding
gzip
x-rq
hhn1 0 4 9980
server
nginx
age
0
vary
Accept-Encoding
x-cache
miss
content-type
text/html
content-length
167
js-metro-desktop-lazy.js
origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
69 KB
21 KB
Script
General
Full URL
https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=15
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
8a367bf06b234e926316ba7a691f834622cf35f7ba522728dd1314e0bcb6cf26

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=15
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
origin.cairnspost.com.au
referer
https://origin.cairnspost.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
content-encoding
gzip
x-rq
hhn1 0 4 9980
last-modified
Mon, 13 Sep 2021 03:42:49 GMT
server
nginx
age
0
etag
W/"613ec8b9-11421"
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 23:47:52 GMT
js-weather.js
origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
6 KB
2 KB
Script
General
Full URL
https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=15
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
0729584fa8db62366357db458cac062c54ba48e1583a5248cbd5c2e07544944c

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-weather.js?v=15
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
origin.cairnspost.com.au
referer
https://origin.cairnspost.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
content-encoding
gzip
x-rq
hhn1 0 4 9980
last-modified
Mon, 13 Sep 2021 03:42:49 GMT
server
nginx
age
0
etag
W/"613ec8b9-18f3"
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 23:47:52 GMT
all.css
use.fontawesome.com/releases/v5.6.3/css/
52 KB
12 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.6.3/css/all.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-cairnspost/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.214.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a

Request headers

Referer
https://origin.cairnspost.com.au/
Origin
https://origin.cairnspost.com.au
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
Y5FP0V2RHC5S2DNS
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-amz-id-2
sSk4Z0DsfxmeI8xvPKkQFnezT0LzpDoW5cQdeZfztqI/ZZjcY8xpcRObW4owyIfrHLzIkQVZNhQ=
last-modified
Wed, 30 Jun 2021 15:44:33 GMT
server
cloudflare
etag
W/"dc93d584e41f8417f6b7163320d34329"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIVO76HIIHdjnGAWmVARQ1gOyNTCPIhlOI5LOCok%2BnjgdB9XrfR9dlY59zkLP%2B5BAO2GqifcqZvGq7qeQk6wfCJtiarbEewUDBHlJAVacZH23l8d8Fxj4ARg403rS91m%2F9VhhJC0"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
68e543603e3a5b5f-IAD
json
trc.taboola.com/newscorpau-aud-cairnspost/trc/3/
3 KB
2 KB
XHR
General
Full URL
https://trc.taboola.com/newscorpau-aud-cairnspost/trc/3/json?tim=23%3A47%3A52.729&lti=deflated&data=%7B%22id%22%3A647%2C%22ii%22%3A%22_homepage_%22%2C%22it%22%3A%22home%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1631523187381%2C%22vi%22%3A1631576872690%2C%22cv%22%3A%2220210913-4-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Forigin.cairnspost.com.au%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A10957%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-h2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-midrail-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22orig_uip%22%3A%22Desktop%20Mid%20Rail%20Home%20Native%22%2C%22cd%22%3A1386.109375%2C%22mw%22%3A194%7D%5D%2C%22cacheKey%22%3A%22home%3D_homepage_%2CDesktop%20Mid%20Rail%20Home%20Native%3Dthumbnails-midrail-native%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210913-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
60fcd8324adba2f7d79bfa56c42dedb22021f2cbb211803a103c4d3d39f8d8c4

Request headers

Referer
https://origin.cairnspost.com.au/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
42
date
Mon, 13 Sep 2021 23:47:52 GMT
content-encoding
gzip
server
nginx
x-timer
S1631576873.756441,VS0,VE42
x-served-by
cache-hhn11530-HHN
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://origin.cairnspost.com.au
access-control-allow-credentials
true
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
via
1.1 varnish
x-cache-hits
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1631576872786&ns_c=UTF-8&cv=3.5&c8=The%20Cairns%20Post%20%7C%20Breaking%20News%20and%20Headlines%20from%20Cairns%20and%20Far%20North%2...
  • https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631576872786&ns_c=UTF-8&cv=3.5&c8=The%20Cairns%20Post%20%7C%20Breaking%20News%20and%20Headlines%20from%20Cairns%20and%20Far%20North%...
64 B
330 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631576872786&ns_c=UTF-8&cv=3.5&c8=The%20Cairns%20Post%20%7C%20Breaking%20News%20and%20Headlines%20from%20Cairns%20and%20Far%20North%20Queensland%20%7C%20Cairns%20Post&c7=https%3A%2F%2Forigin.cairnspost.com.au%2F&c9=
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.20 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-20.dus51.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
via
1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
L6Wr4tLJxuKGWr3SMjuEnifc2yHmKOGgvFi3aiWNX-GL49Y6szpxEA==

Redirect headers

date
Mon, 13 Sep 2021 23:47:52 GMT
via
1.1 d47fba004c254adb4e354d0cef499808.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1631576872786&ns_c=UTF-8&cv=3.5&c8=The%20Cairns%20Post%20%7C%20Breaking%20News%20and%20Headlines%20from%20Cairns%20and%20Far%20North%20Queensland%20%7C%20Cairns%20Post&c7=https%3A%2F%2Forigin.cairnspost.com.au%2F&c9=
content-length
302
x-amz-cf-id
O7fY6j60mag4GeS_DhTKIMMRFm0N1mWN3H-o7HdyHt5mrzWiciM1JA==
comments-count
mhr.talk.news.com.au/api/v1/
1 KB
1 KB
Fetch
General
Full URL
https://mhr.talk.news.com.au/api/v1/comments-count?ids=35a686c198a8b7e0380cdb7e9655a3d2,af57d925afeefdf98e16a155fed99a22,061644f8160ea128e8581b5360c4a656,592765dacffd144dc3699fef1ddab465,27f6fbe375d64af388f9b8628c5824e8,64ccf4b0bcb422566fb550159e002fe9,be86fccf9d0795fff15ab8518aa251e5,f81705f28a414f7807760ac1ece9f40d,2e52a1447f7f1a145b1ef0a6fb4f8826,3999ea7a6b1d737111838c6237b8c171,ca697bc180f5d459b2b9b2f8c53b09d8,a54b011827831065537a4b310ce9f5f1,bb371b0abe2c7e9f9c15bf2201027ed2,490227a4540c286e2ce917a6e17e0f23,fe19101790499b97e9c6e6d227595447,18569ca096523a130000f74f979f88e9,f2b062583d2ec2589ee39b640d22966b,f35a59f9042a941592e7f77faa4fb5a8,e93d738cc2790c92c90af07fe70212c3,adbc124e1675f6825b9b325c525ee976,8645eecb2c97bd6b85311f8b997e79ad,c308b34325a25c8ddb5f8a3b51656566,1879a0f2ea63bbf780fef8db2960ab20,1ee0a0b31ae9de4682abec4844d19eef,1a1215dad21b2eeaea5b9a639c49d8b8,ab6f9c49a7a81cbf6c5acced8295c78e,a7c477c69bf990ebebe750468955a058,69c04723e2dbe5d957e20b38bfdb0dff,637cef45d4013b83152e45ef80500509,b4569118b9b434a2ff3d9d880aa57d52,8a5b98d5bf81a9e68391c6a83259221b,04f0139f50a0a67205e961aa21255a47,f32bfb0fc3a130ec08faf6fe256cd376,1cc3c0074dd677329e12895405c3e402,19d6b0d187c98f45ee197bb7e5a85118,d984998cb47b79be839794c9076cd070,ddda403d198324d71cc27ae62dc09068
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
nginx/1.20.1 /
Resource Hash
e2abbe6ebb7d5abafb10db02c60fe6ad48562f8a6a6371a8ce324980dc76d664
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.20.1
etag
W/"55f-AQn8ld/kCmWSSjKbwLmlQkYQpC0"
x-download-options
noopen
x-dns-prefetch-control
off
content-type
application/json; charset=utf-8
access-control-allow-origin
*
date
Mon, 13 Sep 2021 23:47:53 GMT
x-talk-trace-id
03504680-14ed-11ec-b9ed-6501ec8d3064
vary
Accept-Encoding
content-length
775
x-xss-protection
1; mode=block
4870
origin.cairnspost.com.au/wp-json/api/weather/
3 KB
1 KB
Fetch
General
Full URL
https://origin.cairnspost.com.au/wp-json/api/weather/4870
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-metro-desktop-lazy.js?v=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
292705950984736c0888ee27e4428bb0fa4d77333638a4341487dfb17b773e98

Request headers

:path
/wp-json/api/weather/4870
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
empty
:authority
origin.cairnspost.com.au
referer
https://origin.cairnspost.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
gzip
x-rq
hhn1 0 4 9980
server
nginx
age
0
vary
Accept-Encoding
x-cache
miss
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
expires
Wed, 11 Jan 1984 05:00:00 GMT
450caee99d0f39aa93a32b1d83752fbd
content.api.news/v3/images/bin/
5 KB
6 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/450caee99d0f39aa93a32b1d83752fbd?width=150
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
ab732d27774ae2dfc831b822704faf1a6ed395a9b8eeda1cb1cdc7130c4c618f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag
450caee99d0f39aa93a32b1d83752fbd
date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Fri, 10 Sep 2021 20:58:40 GMT
server
Akamai Image Manager
etag
c066faffbb43f3ca1c393a1420bbef39-450caee99d0f39aa93a32b1d83752fbd-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4914704
access-control-allow-headers
x-newsapi-api-key
content-length
5467
expires
Tue, 09 Nov 2021 20:59:36 GMT
b9563e4a772cbe3e3ed2a3cf4ebbe8f6
content.api.news/v3/images/bin/
5 KB
6 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/b9563e4a772cbe3e3ed2a3cf4ebbe8f6?width=150
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
9d2ced8d279292c52a3dfd3eb6fac8e5a96bf8694eec54b13273abfded0c323c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag
b9563e4a772cbe3e3ed2a3cf4ebbe8f6
date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Fri, 10 Sep 2021 04:54:39 GMT
server
Akamai Image Manager
etag
d3e4ac46cc012b61a24e5326ab0c1e5f-b9563e4a772cbe3e3ed2a3cf4ebbe8f6-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=4856787
access-control-allow-headers
x-newsapi-api-key
content-length
5617
expires
Tue, 09 Nov 2021 04:54:19 GMT
da4296b65b4d09ca68d93c3c8c2b476c
content.api.news/v3/images/bin/
6 KB
6 KB
Image
General
Full URL
https://content.api.news/v3/images/bin/da4296b65b4d09ca68d93c3c8c2b476c?width=150
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-36.deploy.static.akamaitechnologies.com
Software
Akamai Image Manager /
Resource Hash
879e933f3b53eee2e470647cb404181936d3ad323ba2599bdec3d09f9d4bfd6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag
da4296b65b4d09ca68d93c3c8c2b476c
date
Mon, 13 Sep 2021 23:47:52 GMT
last-modified
Mon, 13 Sep 2021 04:03:11 GMT
server
Akamai Image Manager
etag
5bc855b4422738be8f3c33c5b220a840-da4296b65b4d09ca68d93c3c8c2b476c-150
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
x-hobit
2B
cache-control
private, no-transform, max-age=5113004
access-control-allow-headers
x-newsapi-api-key
content-length
5937
expires
Fri, 12 Nov 2021 04:04:36 GMT
utag.js
tags.tiqcdn.com/utag/newsltd/cairns/prod/
61 KB
16 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
137c9bb31df4a8ad161a3235b65eb1db00882a0996a0fc43eb299ff6be8cd3c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
content-encoding
gzip
last-modified
Mon, 06 Sep 2021 05:32:23 GMT
server
AkamaiNetStorage
etag
"ae0fe5b7c2d85df587a934092e173f2f:1630906342.899642"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=300
accept-ranges
bytes
content-length
16503
expires
Mon, 13 Sep 2021 23:52:52 GMT
js-vidora-client.js
origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/
7 KB
3 KB
Script
General
Full URL
https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=15
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-critical-desktop.js?v=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.40 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
607a27c4574a4fdfc027878106c05fdffc9bf44c926eec0de1395b4132773802

Request headers

:path
/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=15
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
origin.cairnspost.com.au
referer
https://origin.cairnspost.com.au/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
content-encoding
gzip
x-rq
hhn1 0 4 9980
last-modified
Mon, 13 Sep 2021 03:42:49 GMT
server
nginx
age
0
etag
W/"613ec8b9-1b27"
vary
Accept-Encoding
x-cache
miss
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
expires
Tue, 13 Sep 2022 23:47:52 GMT
cta-branding.js
cdn.taboola.com/demand-formats/cta-branding/
19 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210913-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding
gzip
etag
"7a6ef5412d45e94af6813e18c060355d"
age
2067
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5990
x-amz-id-2
lol8LNjNAIlS6jr8qfZgPWBIoFJDgFzjQC95t9RuADnrZ6oz0xGB8/U9J6+t3Cla12mhfuLrNrw=
x-served-by
cache-hhn11530-HHN
last-modified
Tue, 06 Jul 2021 14:02:32 GMT
server
AmazonS3
x-timer
S1631576873.833776,VS0,VE0
date
Mon, 13 Sep 2021 23:47:52 GMT
vary
Accept-Encoding
x-amz-request-id
2M58Y28PT8R52D5K
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript
abp
22
x-cache-hits
3847
cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/
2 KB
964 B
Stylesheet
General
Full URL
https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210913-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
686a56a4d4902f8ffdf569b35b93fd9227f7fe66133752b12556a14392ffd83d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
utbdQZ5v14OnoTUQd.81IxLPfHveDfBr
content-encoding
gzip
etag
"11f540e55c5b728ecc4eab8bb1cfa0d4"
age
19753
x-cache
HIT
x-amz-replication-status
PENDING
content-length
707
x-amz-id-2
zKB2kjqcU4cIJ1wtofym8c1uxHT3JYRDcxf/QGPUIcoH/yit2NY6yKnieALeSX/z5iFui+haGnE=
x-served-by
cache-hhn11530-HHN
last-modified
Mon, 13 Sep 2021 10:18:26 GMT
server
AmazonS3
x-timer
S1631576873.833860,VS0,VE0
date
Mon, 13 Sep 2021 23:47:52 GMT
vary
Accept-Encoding
x-amz-request-id
AHT6FX8D3Y2ZZW9T
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
text/css
abp
22
x-cache-hits
155322
tfa-eid.20210913-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
14 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/tfa-eid.20210913-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-cairnspost/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b44ffe26914f8f7758ac2792e8aff5b1f9ef09c209909ed9972f3a8c9db110a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
9AyBCDXJ1.TB4Y09AIcZsHj5Y6y5xT.d
content-encoding
gzip
etag
"d67ffc0256946e0d32c9c416a8471026"
age
78
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5062
x-amz-id-2
hPVr7mv8IuEeDwFA0i5Z1TDtJrwiRqWfkf5h8ZkUYut6iLZHWVpgJPwoAX105rKtoT43YcHRLEc=
x-served-by
cache-hhn11530-HHN
last-modified
Mon, 13 Sep 2021 08:51:12 GMT
server
AmazonS3
x-timer
S1631576873.835399,VS0,VE0
date
Mon, 13 Sep 2021 23:47:52 GMT
vary
Accept-Encoding
x-amz-request-id
FBAMXD4VQAV9NHJP
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
22
x-cache-hits
99
sha256.20210913-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
6 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/sha256.20210913-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-cairnspost/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1d5be09096b8b52e6d5f10772567c6b02bad4efa7506b468ce3e34739cf32c84

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
ByVXVkMcoDZhYPac30XBopSH2QD0qqFr
content-encoding
gzip
etag
"2b8abb402877ca6ca99a19a7563cdde0"
age
80
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2589
x-amz-id-2
fuhjADakfl5sbA5W6JYYoKPX0DO6qWkH8nHBQ8YFS1QzCGsfIG31UL3RoozkA1N95TtcQWlDwxI=
x-served-by
cache-hhn11530-HHN
last-modified
Mon, 13 Sep 2021 08:51:55 GMT
server
AmazonS3
x-timer
S1631576873.835706,VS0,VE0
date
Mon, 13 Sep 2021 23:47:52 GMT
vary
Accept-Encoding
x-amz-request-id
FBAG93JH52ZHZZPF
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
22
x-cache-hits
93
distance-from-article.20210913-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20210913-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-cairnspost/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b71394594d41941aae976ddac4dfa342fe5329267a6cb6459c9424b3aaab0032

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
V7srAlT1rc0Y_uxKYGkc8QV7cH_tVdPK
content-encoding
gzip
etag
"ce581e22799790039311717d532c50c6"
age
19
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1006
x-amz-id-2
n+N9pFCImYfJD7oyb0qMpur0slP4f8xfv4J/19mHpqXbdQYO98jIApdtwc2/KqL7HkSIdVFBX8Y=
x-served-by
cache-hhn11530-HHN
last-modified
Mon, 13 Sep 2021 08:54:36 GMT
server
AmazonS3
x-timer
S1631576873.844571,VS0,VE0
date
Mon, 13 Sep 2021 23:47:52 GMT
vary
Accept-Encoding
x-amz-request-id
70TN335946T8VJQV
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
22
x-cache-hits
8
article-detection.20210913-4-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20210913-4-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-cairnspost/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
62ec7ef2534215c69b3bdada25a801b44a16bf130553e13c26919dbce658ba57

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
CZPi6GsWGp_sIOcVMCP_E2.qN7b.uZTL
content-encoding
gzip
etag
"fb3744421b05e4a17da39b4b9d492114"
age
15
x-cache
HIT
x-amz-replication-status
PENDING
content-length
857
x-amz-id-2
gl4JRPM2MP8frQ4ehQ5vSCj6Ge6lmVyjT5GXAzwZdCQkLz0hqYPb+L4DoXk58tnZU+bkfY37waE=
x-served-by
cache-hhn11530-HHN
last-modified
Mon, 13 Sep 2021 08:54:46 GMT
server
AmazonS3
x-timer
S1631576873.845155,VS0,VE0
date
Mon, 13 Sep 2021 23:47:52 GMT
vary
Accept-Encoding
x-amz-request-id
QMW1JJESS4HN7J8A
via
1.1 varnish
cache-control
private,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
abp
22
x-cache-hits
7
debug
am-trc-events.taboola.com/newscorpau-aud-cairnspost/log/2/
0
90 B
Image
General
Full URL
https://am-trc-events.taboola.com/newscorpau-aud-cairnspost/log/2/debug?tim=23%3A47%3A52.838&type=error&msg=Error%20in%20publisher-start%3A%20TRC.randomFixedOCs%20Cannot%20set%20properties%20of%20undefined%20(setting%20%27title%27)&id=737&cv=20210913-4-RELEASE&lt=deflated&pct=1
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:52 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24201
output-onlinepngtools.png
cdn.taboola.com/static/impl/png/
433 B
780 B
Image
General
Full URL
https://cdn.taboola.com/static/impl/png/output-onlinepngtools.png
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
AAyhRafOuktzn.f74Q8OqW.nPL5_HaO.
via
1.1 varnish
etag
"85ce6ba53f1b4531a8d6ea8389d13cf7"
age
12576
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
433
x-amz-id-2
52zEblPeW/I2kUCXFDmNcxpylTUmb+EwbnlNZwIWQqYuVb2X66IAdQITLMhL1lU7mzNbltuJQVQ=
x-served-by
cache-hhn11530-HHN
last-modified
Mon, 15 Feb 2021 03:14:25 GMT
server
AmazonS3
x-timer
S1631576873.847232,VS0,VE1
date
Mon, 13 Sep 2021 23:47:52 GMT
x-amz-request-id
YMRPEAFAV577QBH4
cache-control
private,max-age=31536000
accept-ranges
bytes
content-type
image/png
abp
22
x-cache-hits
1
ba8a1e41556a2f776ef92ed07d31933e
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content.api.news/v3/images/bin/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content.api.news/v3/images/bin/ba8a1e41556a2f776ef92ed07d31933e
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b0c50f803070e67536a06f7be34fe6951bc7becb2a4a5d7ba76b59d02580342e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms
89
date
Mon, 13 Sep 2021 23:47:52 GMT
via
1.1 varnish, 1.1 varnish
age
7462
edge-cache-tag
418587202132178927697528745563885259013,540374541456355750587967802227949001163,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-ratelimit-remaining
100
x-envoy-upstream-service-time
293
x-cache
MISS, HIT, MISS
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_180%2Cw_240%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//content.api.news/v3/images/bin/ba8a1e41556a2f776ef92ed07d31933e
content-length
7104
x-request-id
29e0f6f8ff70397693f853452abbff5b
x-backend-name
US_DIR:3FP7YNX3LMizprTZsG7BSW--F_US_nlb101
last-modified
Mon, 13 Sep 2021 21:33:23 GMT
server
nginx
x-timer
S1631576873.887636,VS0,VE89
etag
"bd77f5d0e6e117658730eb758db304f3"
x-served-by
cache-wdc5543-WDC, cache-dca17725-DCA, cache-hhn11530-HHN
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0
supply-feature
trc.taboola.com/newscorpau-aud-cairnspost/log/3/
0
247 B
Image
General
Full URL
https://trc.taboola.com/newscorpau-aud-cairnspost/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=dcbfe6c562d3e12524c37fb66fd8128e&sd=v2_a2418801df48abe8c274a5618de03f4f_91fde78e-fa3a-43f9-aad7-010e28d3c3ab-tuct83968a8_1631576872_1631576872_CIi3jgYQjPNHGPKtvYy-LyABKAEwODib4wlAhIoQSL_r2gNQo-wQWABgAGj9wYbU7pDul8cBcAA&ui=91fde78e-fa3a-43f9-aad7-010e28d3c3ab-tuct83968a8&pi=/&wi=4636598718479812001&pt=home&vi=1631576872690&d=%7B%22event_type%22%3A%22END_OF_ARTICLE_MEASUREMENT%22%2C%22event_state%22%3A%22REPORTED%22%2C%22event_value%22%3A%22%7B%5C%22distance%5C%22%3A981.109375%2C%5C%22articleClasses%5C%22%3A%5C%22site-content%5C%22%2C%5C%22articleTag%5C%22%3A%5C%22SECTION%5C%22%2C%5C%22threshold%5C%22%3A%5C%22246%5C%22%7D%22%7D&tim=23%3A47%3A52.875&id=137&llvl=1&cv=20210913-4-RELEASE&
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 13 Sep 2021 23:47:52 GMT
via
1.1 varnish
server
nginx
x-timer
S1631576873.887079,VS0,VE9
x-served-by
cache-hhn11530-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
utrack.js
tags.news.com.au/prod/utrack/
2 KB
1 KB
Script
General
Full URL
https://tags.news.com.au/prod/utrack/utrack.js?cb=16315768729550.6410283308762941
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.147 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-147.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=0, no-cache, no-store
content-type
application/x-javascript
content-length
831
expires
Mon, 13 Sep 2021 23:47:53 GMT
mitas.js
tags.news.com.au/prod/mitas/
666 B
905 B
Script
General
Full URL
https://tags.news.com.au/prod/mitas/mitas.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.147 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-147.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
cache-control
max-age=74580
server
AkamaiNetStorage
content-type
application/x-javascript
etag
"83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length
666
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/
63 B
361 B
XHR
General
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.147 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-147.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:53 GMT
server
AkamaiGHost
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag
"f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=0, no-cache
content-length
63
mime-version
1.0
expires
Mon, 13 Sep 2021 23:47:53 GMT
pmk-202003261.3.js
widget.perfectmarket.com/newscorpau-aud-cairnspost/
111 KB
31 KB
Script
General
Full URL
https://widget.perfectmarket.com/newscorpau-aud-cairnspost/pmk-202003261.3.js
Requested by
Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-cairnspost/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.137.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9fe2218b1dcf95d2e8ed56d64a772090445e02beb9a0089d2d1746f9345c855a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
0MmKetdnydKl6hK5qveh30rnlW6EFRQn
content-encoding
gzip
etag
"d2c05f33d9c5cf0dcc166fd6f98c5a8c"
age
3779240
x-cache
HIT, HIT
content-length
30955
x-amz-id-2
ecf2pBa8nkr1KTuWr8lC5zPabMi04T8XZ1O0bVboK3m8KIx4TSHbHoTouPx7LkBhyTlTIHE7FUA=
x-served-by
cache-lax10624-LGB, cache-hhn11545-HHN
last-modified
Thu, 09 Apr 2020 05:57:41 GMT
server
AmazonS3
x-timer
S1631576873.009213,VS0,VE0
date
Mon, 13 Sep 2021 23:47:53 GMT
vary
Accept-Encoding,,
x-amz-request-id
0EWJ4A8RVFQW7PPQ
via
1.1 varnish, 1.1 varnish
cache-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
1, 100
vidora-client.1.x.x.min.js
assets.vidora.com/js/
9 KB
4 KB
Script
General
Full URL
https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/javascripts/js-vidora-client.js?v=15
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-84.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
96b8a6d0edcf33a808f2e5838e0c51e73073201f390d800183344cbac30a37e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 18:42:35 GMT
content-encoding
gzip
etag
W/"34f56d392d99dbf9b9e152fb46e0edc1"
last-modified
Fri, 03 Sep 2021 22:09:54 GMT
server
AmazonS3
age
18319
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
aX7u_-xGI5dG5xKJXejXYsK1DnuOvekyIHHkW5Y0KHA0da0PAAazGA==
social
am-trc-events.taboola.com/newscorpau-aud-cairnspost/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/newscorpau-aud-cairnspost/log/3/social?route=AM:AM:V&lti=deflated&ri=dcbfe6c562d3e12524c37fb66fd8128e&sd=v2_a2418801df48abe8c274a5618de03f4f_91fde78e-fa3a-43f9-aad7-010e28d3c3ab-tuct83968a8_1631576872_1631576872_CIi3jgYQjPNHGPKtvYy-LyABKAEwODib4wlAhIoQSL_r2gNQo-wQWABgAGj9wYbU7pDul8cBcAA&ui=91fde78e-fa3a-43f9-aad7-010e28d3c3ab-tuct83968a8&pi=/&wi=4636598718479812001&pt=home&vi=1631576872690&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22The%20Cairns%20Post%20%7C%20Breaking%20News%20and%20Headlines%20from%20Cairns%20and%20Far%20North%20Queensland%20%7C%20Cairns%20Post%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=23%3A47%3A53.066&id=3401&llvl=1&cv=20210913-4-RELEASE&
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 13 Sep 2021 23:47:53 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
chartbeat_video.js
static.chartbeat.com/js/
69 KB
23 KB
Script
General
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.134 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-134.dus51.r.cloudfront.net
Software
nginx /
Resource Hash
7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 22:56:45 GMT
content-encoding
gzip
last-modified
Fri, 09 Jul 2021 00:14:48 GMT
server
nginx
age
3068
etag
W/"60e794f8-11377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
cache-control
max-age=7200
cross-origin-resource-policy
cross-origin
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
rXkwESvCZBPVl_N78QofZuAUBkuuMRZqaT5jovCUlMPwM4fnAtc9IA==
expires
Tue, 14 Sep 2021 00:56:45 GMT
metrics.js
tags.news.com.au/prod/metrics/
178 KB
62 KB
Script
General
Full URL
https://tags.news.com.au/prod/metrics/metrics.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.147 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-147.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6f326dd2ffff592f9d63dc27de8360d8dd5e2af2b1f2d1b913ac0c245cacfeba

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"905059eb0270f722f4960eaddc13f7aa:1630979337.436958"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=33372
content-type
application/x-javascript
nielsen.js
tags.news.com.au/prod/nielsen/
25 KB
10 KB
Script
General
Full URL
https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.147 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-147.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
3c7d74a1a7cd10083f75e287df2c9c9d85bd8616a97a339aa00aa67feec57ac3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"46f9fce7449d213bd78ada451a67236b:1630995377.774195"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=49742
content-type
application/x-javascript
content-length
9762
tad.js
tags.news.com.au/prod/tad/
85 KB
27 KB
Script
General
Full URL
https://tags.news.com.au/prod/tad/tad.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.147 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-147.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d0618c645973912e9c8183bada236232eff2800e158115d44226bea2878643e2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"53c6fdacfefd825512830207f28c784e:1630908298.315851"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=40334
content-type
application/x-javascript
content-length
27590
gpt.js
securepubads.g.doubleclick.net/tag/js/
71 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.27.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f154.1e100.net
Software
sffe /
Resource Hash
605107a1f70ece4f5a969d2bd7337d9c85e56fcf7a3695828a4b472531e67575
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"986 / 100 of 1000 / last-modified: 1631571161"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25115
x-xss-protection
0
expires
Mon, 13 Sep 2021 23:47:53 GMT
prebid.js
tags.news.com.au/prod/prebid/
307 KB
97 KB
Script
General
Full URL
https://tags.news.com.au/prod/prebid/prebid.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.147 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-147.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
84b2051c012ad6cb45b30bee85f013ee273962cf42ceba1a4406947bf61655e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
gzip
server
AkamaiNetStorage
etag
"2f0745bb3db408d1809040478c7a3e21:1626140457.016476"
vary
Accept-Encoding
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control
max-age=63630
content-type
application/x-javascript
ats.js
ats.rlcdn.com/
184 KB
61 KB
Script
General
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-103.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a08c01d451bd2649996e79c2480e43b5ede3f2833fdadc14ef8ab7a99e7a6fca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
Rht9EGj5CLLTbc7c28hGHR3r.Br9AlUg
content-encoding
gzip
etag
W/"ba9fcbd6e70c7f8f2ee116f4f3ed4eb6"
age
55628
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:c6969df7-acd4-4ae9-964a-80694e0cd836
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
11cd83118869b3620c5f956dedb0813c
last-modified
Mon, 30 Aug 2021 12:41:18 GMT
server
AmazonS3
date
Mon, 13 Sep 2021 08:20:59 GMT
vary
Accept-Encoding
x-amz-meta-codebuild-content-sha256
c6f0e019387f43cbaa51d31fb47cc3472809786965b16f39b6e0a64940f2e81d
via
1.1 e5dcf90f3787d486ad40e46070021460.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
content-type
application/x-javascript
x-amz-cf-id
HyiL4hWYqAd_1gkT1g8OHUNDH4jjIj-LYDa3B6k1KGFENTDQ_issYg==
ncg.js
au.tags.newscgp.com/prod/ncg/
155 KB
48 KB
Script
General
Full URL
https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-27.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
984b42277d457f58909aeee5d1fdfe6db8eaf0c9abd5e9fb60b57f2289b989bf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 23:18:08 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Sun, 05 Sep 2021 23:13:16 GMT
Server
AmazonS3
Age
1802
ETag
W/"bba1af398f42116dead99eb704af4e5e"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 877a7509af39a63279b2520fa0b455fa.cloudfront.net (CloudFront)
Cache-Control
max-age=3600
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
mF--TS8rhMFtC0G4ypxlKKzXZ28iWW0xqbhbh9Pb8R_J1-1qdDmlQA==
embed.js
nebula-cdn.kampyle.com/au/wau/132224/onsite/
2 KB
1 KB
Script
General
Full URL
https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.175 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8abe8fe3e6ade38b2f7e068c52e9e5c601fcaf49a197e034321cde81d31ba052

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
dvmmwk0KB5uXMj1SHTmwqX8XWpVZelyP
content-encoding
gzip
etag
"fc682e3bd454a56c401d58a74f923693"
age
53804
via
1.1 varnish
x-cache
HIT
content-length
665
x-amz-id-2
E/mWcoSGYHwjXJSkdculuNCxv/8m3xQxim2Y0nwZ5+LiYV0fA4b0HDit/QDBWlBz3/nW5QnlOkk=
x-served-by
cache-hhn4036-HHN
last-modified
Mon, 13 Sep 2021 08:50:56 GMT
server
AmazonS3
x-timer
S1631576874.654526,VS0,VE0
date
Mon, 13 Sep 2021 23:47:53 GMT
vary
Accept-Encoding
x-amz-request-id
VX5QT4C247AHG1NJ
access-control-allow-origin
*
cache-control
max-age=0,must-revalidate
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
6
utag.292.js
tags.tiqcdn.com/utag/newsltd/cairns/prod/
3 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.292.js?utv=ut4.46.201712140344
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9332c57d9087668a5942b845345aaf9eab472783d46db0ac9e2526c848aa2452

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
gzip
last-modified
Tue, 01 Oct 2019 01:35:10 GMT
server
AkamaiNetStorage
etag
"e1ee23b364cd19a6dd9d0787b33a6dee:1569893710.098489"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
1285
expires
Tue, 28 Sep 2021 23:47:53 GMT
utag.350.js
tags.tiqcdn.com/utag/newsltd/cairns/prod/
2 KB
1 KB
Script
General
Full URL
https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.350.js?utv=ut4.46.201910010135
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
49c60e97e9f4f5b76ac2cff9ea0c843725b79a447082a07d58d1ac10f89a810c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
gzip
last-modified
Tue, 01 Oct 2019 01:35:07 GMT
server
AkamaiNetStorage
etag
"1e4353a3a6b63f295b6f9e8de760af00:1569893707.555661"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=1296000
accept-ranges
bytes
content-length
902
expires
Tue, 28 Sep 2021 23:47:53 GMT
hotjar-682706.js
static.hotjar.com/c/
0
344 B
Script
General
Full URL
https://static.hotjar.com/c/hotjar-682706.js?sv=6
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.52 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-52.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
via
1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-amz-cf-pop
DUS51-C1
etag
W/d41d8cd98f00b204e9800998ecf8427e
x-cache-hit
1
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=60
content-length
0
x-amz-cf-id
yICqcA11Z6_QEa2RpuAEiakUO4yUY8dNKivQ0vHqeCkzKgb00Y6c8A==
PD1ED8B36-B2EE-413B-ABB5-EB0479D5CCAD.js
cdn-gl.imrworldwide.com/conf/
33 KB
7 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/conf/PD1ED8B36-B2EE-413B-ABB5-EB0479D5CCAD.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-81.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3435d7b36413d05c102b8d7d0e59f86873ce27b47b3a8b070191c750ca6bbaa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
78b6ZnkGB1BwDsEUIZ0XSuCk2Hs1tffx
content-encoding
gzip
etag
W/"3aaaaaa1f55d4813a61b0f0401e11254"
last-modified
Mon, 13 Sep 2021 15:18:16 GMT
server
AmazonS3
age
206
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=86400,s-maxage=86400
date
Mon, 13 Sep 2021 23:44:28 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
6g-rxRnFLwdo7fca0TK2TplH6FqCK7qxP9SGJfghB3phg0HaSVeHvQ==
ebOneTag.js
secure-ds.serving-sys.com/SemiCachedScripts/
59 KB
19 KB
Script
General
Full URL
https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.163.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-163-58.deploy.static.akamaitechnologies.com
Software
/ ARR/2.5
Resource Hash
7b57c2f5e62f93626db76e9cfe4d628efa534e17e22017582793da4b9ca6eb7b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
gzip
last-modified
Mon, 23 Aug 2021 09:12:37 GMT
server
x-powered-by
ARR/2.5
etag
"4cfe3d4ff97d71:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=289
accept-ranges
bytes
content-length
18866
utag.v.js
tags.tiqcdn.com/utag/tiqapp/
2 B
202 B
Script
General
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/cairns/202109060532&cb=1631576873580
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/cairns/prod/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.75.88.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-88-194.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
last-modified
Thu, 14 Apr 2016 16:57:51 GMT
server
AkamaiNetStorage
etag
"7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type
application/x-javascript
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Mon, 13 Sep 2021 23:57:53 GMT
iasPET.1.js
cdn.adsafeprotected.com/
22 KB
7 KB
Script
General
Full URL
https://cdn.adsafeprotected.com/iasPET.1.js
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-11.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Fri, 10 Sep 2021 15:42:37 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 02 Jun 2021 17:38:57 GMT
Server
AmazonS3
Age
288317
ETag
W/"51636de3ce868a2172f9e6996c2934e0"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
Cache-Control
max-age=604800
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
p6fF-BcQeLHmvUA5gcqvExTwzC48ORZiuYIpRG5QxGD3QzoT0M7sHQ==
id
dpm.demdex.net/
5 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1631576873642
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-191-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
cf508ccd4468488021e4e1fb4a7e93d79a8e6b4d2ee223c5dd9b5c0e33ac8dd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://origin.cairnspost.com.au/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-2-v013-0c4d46685.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
fwxRsFHKS+I=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://origin.cairnspost.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1545
Expires
Thu, 01 Jan 1970 00:00:00 UTC
ping
ping.chartbeat.net/
43 B
201 B
Image
General
Full URL
https://ping.chartbeat.net/ping?h=cairnspost.com.au&p=%2F&u=DIsvbLBnThSeBJfjez&d=origin.cairnspost.com.au&g=36976&g0=home%2Chomepage%2Cno_video&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=11234&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1488&t=BPAC8sCVtP-KBdU3RyCru7kyfxzs&V=128&i=The%20Cairns%20Post%20%7C%20Breaking%20News%20and%20Headlines%20from%20Cairns%20and%20Far%20North%20Queensland%20%7C%20Cairns%20Post&tz=0&_acct=anon&sn=1&sv=BU40pnDNx8nkDhZ8FODdB2y4Bre7M1&sd=1&im=06030403&_
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.30.11 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-30-11.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:54 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
43
expires
0
gdpr_user_check.esi
tags.news.com.au/prod/data-esi/top/
63 B
361 B
XHR
General
Full URL
https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by
Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.147 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-147.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:54 GMT
server
AkamaiGHost
p3p
CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag
"f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type
text/plain
access-control-allow-origin
*
cache-control
max-age=0, no-cache
content-length
63
mime-version
1.0
expires
Mon, 13 Sep 2021 23:47:54 GMT
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/
192 KB
54 KB
Script
General
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PD1ED8B36-B2EE-413B-ABB5-EB0479D5CCAD.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-81.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
WYmiUb1.Cg6z3yQT9O20r1WlJJUllnwa
content-encoding
gzip
etag
W/"bd1ffd9a8dc416cfddcde665f3111e22"
last-modified
Tue, 17 Aug 2021 13:40:58 GMT
server
AmazonS3
age
1955
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
cache-control
max-age=86400
date
Mon, 13 Sep 2021 23:15:19 GMT
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
VZ5OKbTvnS0yei5mBB3gP0UMl_m6iZDMmOgCM3oTRWR8F4eS-YTm4g==
pubads_impl_2021090701.js
securepubads.g.doubleclick.net/gpt/
333 KB
117 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.27.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f154.1e100.net
Software
sffe /
Resource Hash
ac8d2f2be577b89fdbd26a497ece0c0bc127dd2ed5676119e0055b62e4daf48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Sep 2021 08:38:19 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119497
x-xss-protection
0
expires
Mon, 13 Sep 2021 23:47:53 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
101 B
119 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=origin.cairnspost.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.27.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f154.1e100.net
Software
cafe /
Resource Hash
3173e63dd87496532c6373def03655b3225822b0ef0816d976d114e6e382b62b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
expires
Mon, 13 Sep 2021 23:47:53 GMT
6630
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/
16 KB
2 KB
XHR
General
Full URL
https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.55.163.58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-55-163-58.deploy.static.akamaitechnologies.com
Software
ATS/7.1.0 /
Resource Hash
68846b71d18b8e4470d493c486f401b96759df9bc446a288f651ef1ab4970ce6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
gBhTySTk_AZdPflid06KIwXgVOwHir1O
content-encoding
gzip
last-modified
Fri, 10 Sep 2021 03:19:11 GMT
server
ATS/7.1.0
x-amz-request-id
HNMG87GC5M45CHTB
etag
"f77e1abd22edba51f83f5f42b727679b"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=109
date
Mon, 13 Sep 2021 23:47:53 GMT
x-amz-replication-status
PENDING
accept-ranges
bytes
content-length
1179
x-amz-id-2
1C8GeWZTnVP6EZlVT+pO61I/8ZsRQ+vVM4dQtgkDQgxt/OQeBY/+y5kvhNom5BbWf4anRrrLo7Y=
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 14F5
12 KB
4 KB
Document
General
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-81.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method
GET
:authority
cdn-gl.imrworldwide.com
:scheme
https
:path
/novms/html/ls.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://origin.cairnspost.com.au/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/

Response headers

content-type
text/html
last-modified
Tue, 17 Aug 2021 13:40:58 GMT
x-amz-server-side-encryption
AES256
x-amz-version-id
zpOrZdUsdtFSUglONNnszp78Z80REEcP
server
AmazonS3
content-encoding
gzip
date
Mon, 13 Sep 2021 23:19:41 GMT
cache-control
max-age=86400
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
AaTJxHXrUSLXC0oMjUMYe620Fi4BRpmg7NeVcDMojVbxCpdBIiVQ_g==
age
1692
Serving
bs.serving-sys.com/
7 KB
2 KB
Script
General
Full URL
https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=1441339038854335807&pageurl=$$https%3A%2F%2Forigin.cairnspost.com.au%2F$$&activityValues=$$Session%3D7353313360343893683$$&ns=0&rnd=18012363787338748
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.82.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-82-36.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
18b8c0b1bf35213f56bc7c768c12378c363322ab4c6b2eb8d70cce94cb10e92f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
gzip
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
p3p
CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin
*
cache-control
no-cache, no-store
content-type
text/html; charset=UTF-8
content-length
1776
expires
Sun, 05-Jun-2005 22:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f155.1e100.net
Software
cafe /
Resource Hash
b72c2fa4ec43c5e5bfe4690c354ac6ab02ce346602cb558384cb9929a957cf2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:05:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2552
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6128
x-xss-protection
0
server
cafe
etag
16709844125564118196
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 14 Sep 2021 00:05:21 GMT
pub
pixel.adsafeprotected.com/services/
631 B
871 B
XHR
General
Full URL
https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,970.250,970.50,1000.100%5D,p:/5129/ndm.tcp/home,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.tcp/home,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.tcp/home,t:display%7D&slot=%7Bid:ad-block-1000x50-1,ss:%5B1000.50,728.1%5D,p:/5129/ndm.tcp/home,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90,1000.150%5D,p:/5129/ndm.tcp/home,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.tcp/home,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=dd0e81e2-5a15-f7e0-05fc-5b346f11142e&url=https%253A%252F%252Forigin.cairnspost.com.au%252F
Requested by
Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.111.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-111-123.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
26745f8855b4451486086f5ed299a76f5396f09d9003be49e84095ee0922a3e5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
x-server-name
app18.ie.303net.net
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://origin.cairnspost.com.au
access-control-expose-headers
X-Server-Name
access-control-allow-credentials
true
timing-allow-origin
*
server
nginx
bulk
trc.taboola.com/newscorpau-aud-cairnspost/log/3/
0
305 B
XHR
General
Full URL
https://trc.taboola.com/newscorpau-aud-cairnspost/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210913-4-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://origin.cairnspost.com.au/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 13 Sep 2021 23:47:53 GMT
via
1.1 varnish
server
nginx
x-timer
S1631576874.872790,VS0,VE9
x-served-by
cache-hhn11530-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://origin.cairnspost.com.au
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 14F5
44 B
562 B
Image
General
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PD1ED8B36-B2EE-413B-ABB5-EB0479D5CCAD&sessionId=1mifg14gklvztimh6ruucxuzr206e1631576873&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.602&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.113.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-113-109.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:53 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
1mifg14gklvztimh6ruucxuzr206e1631576873.nuid.imrworldwide.com/ Frame 14F5
35 B
350 B
Image
General
Full URL
https://1mifg14gklvztimh6ruucxuzr206e1631576873.nuid.imrworldwide.com/
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-43.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 08:24:50 GMT
via
1.1 f12c01365a7e1bcbb4b6d5b856516527.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
age
55384
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
35
x-amz-cf-id
idzDbMuV70Py37e5jzEwAAn6f1PhR0NIbm8YMRwH5Ov5RagDs1CM7A==
up_loader.1.1.0.js
js.adsrvr.org/ Frame 9471
4 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.146.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-146-155.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 02:00:17 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
78457
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 4ecd74dda94d7576e134fcdf16df8129.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
O6PKS9d36LhDK4ScPlJECMdaP2m3T0rLTwGSDstR5me0L0ETb2cXWA==
js
www.googletagmanager.com/gtag/ Frame 8124
96 KB
39 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-842636754
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
41563c51087afa2a73e164e48e3fe5ce1cfe5b9730872a9041f03c7dba161cab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39225
x-xss-protection
0
last-modified
Mon, 13 Sep 2021 22:19:58 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 13 Sep 2021 23:47:53 GMT
up_loader.1.1.0.js
js.adsrvr.org/ Frame 5F4E
4 KB
2 KB
Script
General
Full URL
https://js.adsrvr.org/up_loader.1.1.0.js
Requested by
Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.226.146.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-146-155.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 02:00:17 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Sep 2020 15:15:34 GMT
Server
AmazonS3
Age
78457
ETag
W/"98d98b3499058b76d58073cf8ede2f10"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
Connection
keep-alive
Transfer-Encoding
chunked
X-Amz-Cf-Pop
DUS51-C1
X-Amz-Cf-Id
kT1bREt6aw_fzwIcYClB9TSRUnViyUAFafTiZMi7-Bkc5SVOF5dYjg==
pixie.js
acdn.adnxs.com/dmp/up/ Frame A56B
9 KB
4 KB
Script
General
Full URL
https://acdn.adnxs.com/dmp/up/pixie.js
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-141.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 23:47:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Jun 2021 15:04:00 GMT
Server
nginx/1.13.10
ETag
"60b79de0-23b3"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
3340
Expires
Tue, 14 Sep 2021 23:47:55 GMT
activityi;dc_pre=CL_o_7-R_fICFXEQiwodF-8Cmg;src=8228261;type=invmedia;cat=newsc011;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3542778638559.454
8228261.fls.doubleclick.net/ Frame 71E1
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc011;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3542778638559.454?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CL_o_7-R_fICFXEQiwodF-8Cmg;src=8228261;type=invmedia;cat=newsc011;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=354277863855...
0
0

activityi;dc_pre=CPDk_7-R_fICFfOBgwcdhb4Icg;src=8228261;type=invmedia;cat=newsc017;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4211117518018.8164
8228261.fls.doubleclick.net/ Frame 9966
Redirect Chain
  • https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc017;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4211117518018.8164?
  • https://8228261.fls.doubleclick.net/activityi;dc_pre=CPDk_7-R_fICFfOBgwcdhb4Icg;src=8228261;type=invmedia;cat=newsc017;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=421111751801...
0
0

activity
au-gmtdmp.mookie1.com/t/v2/ Frame 235A
0
0

px
secure.adnxs.com/ Frame 9CA2
0
576 B
Image
General
Full URL
https://secure.adnxs.com/px?id=879171&seg=9702353&t=2
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 23:47:53 GMT
X-Proxy-Origin
216.131.111.4; 216.131.111.4; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
f5dd5c9e-c39c-4f61-b2e3-73926e68c6cb
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/
0
576 B
Image
General
Full URL
https://secure.adnxs.com/px?id=1050010&seg=15376571&t=1
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 23:47:53 GMT
X-Proxy-Origin
216.131.111.4; 216.131.111.4; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
2548905a-7c0c-4792-91dc-c4018a491f2c
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
px
secure.adnxs.com/
0
576 B
Image
General
Full URL
https://secure.adnxs.com/px?id=1050003&seg=15376431&t=1
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.243 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
722.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 23:47:54 GMT
X-Proxy-Origin
216.131.111.4; 216.131.111.4; 722.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
3848c3e4-2900-422c-879e-126a4554b1b2
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixie
ib.adnxs.com/ Frame A56B
42 B
335 B
Image
General
Full URL
https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1631576873957&v=0.0.20&u=https%3A%2F%2Forigin.cairnspost.com.au%2F&r=https%3A%2F%2Forigin.cairnspost.com.au%2F&st=1631576873957&et=1631576873957&if=1
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 23:47:54 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx/1.17.9
Connection
keep-alive
X-Proxy-Origin
216.131.111.4; 216.131.111.4; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
Content-Length
42
Content-Type
image/gif
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=origin.cairnspost.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 23:47:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=origin.cairnspost.com.au
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 23:47:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
185 KB
20 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1453676076035191&correlator=2719240354346091&output=ldjh&impl=fifs&hxva=1&scor=1599239725466997&eid=31061423%2C31062146%2C31062549%2C31061425%2C31062522%2C31062297&vrg=2021090701&ptt=17&co=1&npa=1&sc=1&sfv=1-0-38&ecs=20210913&iu_parts=5129%2Cndm.tcp%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C1000x50%7C728x1%2C728x90%7C1000x150%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D03750d02-14ed-11ec-9a61-0ab32f77e5b0%7Cpos%3D1%26id%3D03750d03-14ed-11ec-9a61-0ab32f77e5b0%26vw%3D40%2C50%26grm%3D40%26pub%3D40%7Cpos%3D2%26id%3D03750d04-14ed-11ec-9a61-0ab32f77e5b0%7Cpos%3D1%26id%3D03750d05-14ed-11ec-9a61-0ab32f77e5b0%7Cpos%3D2%26id%3D03750d06-14ed-11ec-9a61-0ab32f77e5b0%7Cpos%3D1%26id%3D03750d07-14ed-11ec-9a61-0ab32f77e5b0&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3D%26sec1%3Dhome%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dhomepage%26adl%3Dfalse%26abtest%3Da%26pvid%3D00000000000000000000000000000000-00000000000000000000000000000000-1631576873108-769562%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3DIAS_UNSCORED_PG&bc=31&abxe=1&lmt=1631576873&dt=1631576873976&dlt=1631576872329&idt=1515&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1123%2C1124%2C0%2C176%2C0&adys=48%2C467%2C9544%2C10584%2C3050%2C11234&adks=2349080324%2C3972112968%2C2499289759%2C333184106%2C2236133184%2C4162433625&ucis=1%7C2%7C3%7C4%7C5%7C6&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Forigin.cairnspost.com.au%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x134%7C300x0%7C300x0%7C1600x650%7C1248x0%7C1600x11233&msz=728x93%7C300x276%7C1248x250%7C1000x0%7C728x0%7C0x0&ga_vid=1696357329.1631576874&ga_sid=1631576874&ga_hid=1943771391&ga_fc=false&fws=640%2C640%2C128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C0%7C1%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.27.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f154.1e100.net
Software
cafe /
Resource Hash
ac720a002beb828e2b59de3ca998ebdeac987932c69ddd1d3107cb8015fdd98a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:54 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20567
x-xss-protection
0
google-lineitem-id
4682990628,4682990628,4682990628,4682990628,4682990628,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138234092474,138234092042,138234092456,138234082439,138234025551,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://origin.cairnspost.com.au
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
26937d65f51c9f448fbb1f148ca99b9f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6CBE
0
0

conversion_async.js
www.googleadservices.com/pagead/ Frame 8124
0
0

view
securepubads.g.doubleclick.net/pcs/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuvZSY4UH06eTA8mJtJjrXlg-1rIl25qxw61XpRewIPBfVF542N-8um-gO_kfijA89l7VAeHOg836sCXrD-QcpeZdUt34nQ2OvsPaWHxykhmEoXEEMyTSV-iHPC8JJTDZwZTeTXPioaamKnt7tdmS5lF2x3sM3ZnKwefjfNmkQZY_eCgrYKrnJw2__E9jtlNAm1aUwb_D6R8_ta-moRAnD8VWz3NPir6l9iDdjBjp2vWy3AnOLl-rp8wgyqvSxVow24dcrbRJZ-mQKiFW_YTvRX-uH0NUf82hiWKa1uQsz-_PFLTEbZsEGngvONmJpBLQ&sai=AMfl-YQ7irHjYEM4KjJcCg9qtNn2fd6hZdcbPJ5BLJhS_5__FVFE6i7mfvANeKgf-3I1rvLIkxjrBKO1P8mv&sig=Cg0ArKJSzLg8VbhwCBNHEAE&adurl=
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.27.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 23:47:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f132.1e100.net
Software
cafe /
Resource Hash
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://origin.cairnspost.com.au/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 13 Sep 2021 21:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
9912
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7641
x-xss-protection
0
server
cafe
etag
14368791910870210898
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 21:02:42 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f132.1e100.net
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 22:29:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4734
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 27 Sep 2021 22:29:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/
125 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f155.1e100.net
Software
sffe /
Resource Hash
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://origin.cairnspost.com.au/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Mon, 13 Sep 2021 23:47:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273423644667"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38649
x-xss-protection
0
expires
Mon, 13 Sep 2021 23:47:54 GMT
l
www.google.com/ads/measurement/
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRnPJZnJ009T-pjDNFXiV0mKJZ5ry9K7P2yaqI8nMQ8Hc1HVvLUDonhiI0zOzux6EmG_Fc-
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.27.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

7114969398400660195
tpc.googlesyndication.com/simgad/
68 B
179 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/7114969398400660195
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f132.1e100.net
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 05:20:46 GMT
x-content-type-options
nosniff
age
66428
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:39:36 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 05:20:46 GMT
view
securepubads.g.doubleclick.net/pcs/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssKFZL_KTpfzyx0DzITydZ2qGmcYa2mC8csk2ghuT7sXSPXkyzxI9FBDxKU_a-cD5Y8BGh_nXPk-HmQm_n7uKRbGT0MJsP9wpDRoIhtV6yTrG2QPimFKcF-angH2LfHguRKvWE2HwbdCNAIs6cOexl8sjpKVDFmzp1R4jPAlEf0ByKYQZYsT3ScXlZpyfVlNPkgmmoiuq2NLzQkIht9cjtz3CR6EU2DhEgnwOEqFR1tyG0DL9i9m3bM5HL1QouplLbHRPGlrtj2iMHH9aMVOC-ifNYkdcH0dc4Fy-fs5Hq82w4YsUaaWUXEd7DMb2GzAQ&sai=AMfl-YR3YD5snjpY48CM_KCF_SNtqAjWJJsHjmG2l-7jv_2YWEGLDdruIOlRyO7-PjcU6BUxlxO_9YsM9-K_&sig=Cg0ArKJSzNdTq8m4VOwfEAE&adurl=
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.27.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 23:47:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
l
www.google.com/ads/measurement/
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTd3rK0M0H1OxSTqh1GKHoeihzOP8dOTCZDrI9K0_AxWtqrH2ZzsBmCeQGkKMfE4dtuIFKI
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.27.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

13756812283639570429
tpc.googlesyndication.com/simgad/
68 B
408 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13756812283639570429
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f132.1e100.net
Software
sffe /
Resource Hash
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sat, 11 Sep 2021 01:56:02 GMT
x-content-type-options
nosniff
age
251512
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
68
x-xss-protection
0
last-modified
Wed, 23 May 2018 07:40:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 11 Sep 2022 01:56:02 GMT
view
securepubads.g.doubleclick.net/pcs/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsssU_MtamKz9I6gCetEHccZaWdgK528DddJJLdr-YSWEEXxKF97A3-HBEhK9WoXyHLI5D5A8sqqev5Ps2oEVg7F7W43t9ja8NE047oZUUX9Z4CsMUXktGEdKdO5as7LBzN3aZVje6-LNSKz69OeLsRE93WR4uJupNYL-B7lspyZgVS8jJE4DZaNnTcCO2iLrOo6Ogf7J9qgqwZc5zKG8F7lpuxKUKvg3KObpuol0lGSni6PXl4IKj10ftWjcySko-AGBr7Idtgg2FBrluhWhKevyZN3zuKmljCBbnB4E5KMJHGE5tkawly1REub7ueulA&sai=AMfl-YS3uAOH_hijucRedI96Zm5_HmikgTP5vAjyoJ7McY3KL9Q6eSeiJz8rDXn04wAHmLvoWArlvghovAgc&sig=Cg0ArKJSzD9F67_EY4nxEAE&adurl=
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.27.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 23:47:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
l
www.google.com/ads/measurement/
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTPOlT1u0Ee6oUR02icE8POlfC6h3RMgn536PfECLt4h5cCfebf_xmhCLop-hN2hlvAq9SZ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.27.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssopqWYvH_7cajPLzvpdJeC8_Y3sXB9jRv0YNRGGkNiJ9ttS6PUDbPIhwaSOq4yPo8pI_IKlDXCxYpbpJJbq7n_izSZc4t00oNeRB-ccDkIIyseW-tJO5b5Y7aJ50HLhp3ZPaox2Wc2dTa6Y2kKxLdqm_DExxP2h11ZlGLBq7VT3bGHgb9cRSmB-eRwIlwgkEtN479rTpNzHccEdGFZt_LWXp3uC4yyxayUMDblvQlW1NjOjSvqzvzpo4T3gQ3SnIAIcqSob_LyFtSCt_kltkQ29iC_mom01s3Qnk_-yq7c_CcwNlagZYEHxkbhcZEqew&sai=AMfl-YR-2aGjKQLBA_Z-gR0N8ziLdw6GS7gfYMDpe_qqh2OZxQ_zH0rZWfNc34RBBwkZPOFLvflLsJxL3Uj2&sig=Cg0ArKJSzO3l2OOVA1OKEAE&adurl=
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.27.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 23:47:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
13503232906761715217
tpc.googlesyndication.com/simgad/
3 KB
3 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/13503232906761715217
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f132.1e100.net
Software
sffe /
Resource Hash
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 05:20:46 GMT
x-content-type-options
nosniff
age
66428
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3270
x-xss-protection
0
last-modified
Wed, 23 May 2018 04:43:28 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 13 Sep 2022 05:20:46 GMT
view
securepubads.g.doubleclick.net/pcs/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuzF5zAxcIo59tdsi8y_tSEMDjHzRNuQaj40p_4doGNPGTOGwSe2lGIkcJzC34e8hDWDUu3UDF8ryIy1f-9jBYVVJ-uhbw6-5RGrgSnNEfL87JuqLR0tufIQOQOS4fOKPEcgYZceInk6bGf47RBcabe2sZagvI8LdApTchBPtMomefIUXpvn6YiUA1PyaQKNSCO2FxBmsg2XRqIVcxzpbVH9v2b2Ozyhg4g5xClkHOY3uyFFCrsQGoAelqCN4ZBMiPhck1VmD4qLysWQjtWe7I9TI8CwmuQi8UzE113LAsPEpeP-OF_NZN1TBMQWPGyNA&sai=AMfl-YRKTWGpP06oGHqYpBPRy8-pGlB92CjirstU--bHAW1YtzTy40lKW7y1PExHG_4luHf9l8TF5SVsaahz&sig=Cg0ArKJSzPzUUp9ynLcNEAE&adurl=
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.27.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 23:47:54 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
l
www.google.com/ads/measurement/
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTpVZH--YoGiM-ex5DgcC6y5wOA1j5R1pyXilNvdm1UiBC1teDYaj_tRAzqttpiLAYhiNTi
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.27.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f103.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

osd.js
www.googletagservices.com/activeview/js/current/
72 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.102.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f155.1e100.net
Software
sffe /
Resource Hash
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:54 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1631273431406706"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27627
x-xss-protection
0
expires
Mon, 13 Sep 2021 23:47:54 GMT
truncated
/
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e815306f003abbf49fe17c5473081c8d7df84280a65ee96af4ac5d265076c13

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type
image/png
jload
pixel.adsafeprotected.com/ Frame 1014
47 KB
14 KB
Script
General
Full URL
https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=208818551&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1996456917&custom=homepage&custom3=168402071&adsafe_par&impId=03750d06-14ed-11ec-9a61-0ab32f77e5b0
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.111.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-111-123.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
885f870ef66178ee53e88f6a32afcfb3917806585b7eb3ed43b47a8b6e7cb1e9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:54 GMT
content-encoding
gzip
x-server-name
app20.ie.303net.net
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
expires
Wed, 31 Dec 1969 23:59:59 GMT
dest5.html
newscorpau.demdex.net/ Frame F0B8
7 KB
3 KB
Document
General
Full URL
https://newscorpau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-191-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
newscorpau.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://origin.cairnspost.com.au/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=03031603146135500763302554525253418818
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding
gzip
Content-Type
text/html;charset=UTF-8
date
Mon, 13 Sep 2021 23:47:55 GMT
DCS
dcs-prod-usw2-2-v013-081dc5baf.edge-usw2.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
last-modified
Thu, 26 Aug 2021 10:43:43 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
vary
accept-encoding
X-TID
baDWTp8XTC0=
Content-Length
2791
Connection
keep-alive
id
newscorpau.sc.omtrdc.net/
2 B
323 B
XHR
General
Full URL
https://newscorpau.sc.omtrdc.net/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=03055498458097323263304950068665511512&ts=1631576874377
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.212.155.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-155-93.us-west-2.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://origin.cairnspost.com.au/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 13 Sep 2021 23:47:54 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-5995c66b97-bf7mf
vary
Origin
x-c
main-1507.I8824ac.M0-513
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://origin.cairnspost.com.au
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YT-jKgAAAEc0DQQE
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=03031603146135500763302554525253418818
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YT-jKgAAAEc0DQQE
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YT-jKgAAAEc0DQQE
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-191-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v013-0841c7aaf.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
IZusodDxQvM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YT-jKgAAAEc0DQQE
Date
Mon, 13 Sep 2021 23:47:54 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
main.gr.19.8.243.js
static.adsafeprotected.com/ Frame 1014
187 KB
60 KB
Script
General
Full URL
https://static.adsafeprotected.com/main.gr.19.8.243.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=208818551&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1996456917&custom=homepage&custom3=168402071&adsafe_par&impId=03750d06-14ed-11ec-9a61-0ab32f77e5b0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.40.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-40-16.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
3b2994ec6cd1c326c20a981912b23a05f5b1ddd55f3fccabf419e1ee70ee6a56

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:54 GMT
content-encoding
gzip
last-modified
Tue, 07 Sep 2021 21:28:29 GMT
server
nginx/1.16.1
age
81399
etag
W/"f8ec101cfd4f34f35efecdff9eecac24"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
sca.17.5.12.js
static.adsafeprotected.com/ Frame C637
80 KB
21 KB
Script
General
Full URL
https://static.adsafeprotected.com/sca.17.5.12.js
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.40.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-40-16.eu-west-1.compute.amazonaws.com
Software
nginx/1.16.1 /
Resource Hash
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:54 GMT
content-encoding
gzip
last-modified
Thu, 19 Aug 2021 16:31:24 GMT
server
nginx/1.16.1
age
1736590
etag
W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
mon
pixel.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=208818551&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1996456917&custom=homepage&custom3=168402071&adsafe_par&impId=03750d06-14ed-11ec-9a61-0ab32f77e5b0&adsafe_url=https%3A%2F%2Forigin.cairnspost.com.au%2F&adsafe_type=abdfq&adsafe_jsinfo=,id:f34d2f89-c21b-0f24-1c02-9e7047c7785d,c:o8Pvyb,sl:inView,em:false,fr:true,thd:1,mn:app20ie,pt:1-5-15,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,br:c,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:180,fm:sIWei3P+1*.10507%7C11%7C12%7C13,idMap:1*,rp:n,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:199,oid:03baa1be-14ed-11ec-895c-02467abe7cd0,v:19.8.243,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.111.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-111-123.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:54 GMT
x-server-name
app17.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f34d2f89-c21b-0f24-1c02-9e7047c7785d&tv=%7Bc:o8Pvyr,pingTime:0,time:214,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:198%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:215,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:198,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B31~100%5D,as:%5B31~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:sIWei3P+1*.10507%7C11%7C12%7C13,idMap:1*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.236.216 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-236-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:55 GMT
x-server-name
dt13.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
216 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f34d2f89-c21b-0f24-1c02-9e7047c7785d&tv=%7Bc:o8Pvyv,pingTime:-2,time:218,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:153,beZ:154,mfA:333,cmA:335,inA:335,inZ:341,prA:341,prZ:346,si:352,poA:352,poZ:365,cmZ:365,mfZ:365,loA:368,loZ:369,ltA:370,ltZ:370%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:198%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:218,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:198,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B34~100%5D,as:%5B34~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:sIWei3P+1*.10507%7C11%7C12%7C13,idMap:1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,slid:%5B%5D,sinceFw:17,readyFired:true%7D&br=c
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.236.216 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-236-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:55 GMT
x-server-name
dt07.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
validate
assets.vidora.com/v1/
0
311 B
Ping
General
Full URL
https://assets.vidora.com/v1/validate?api_key=cairnspost.EE49890881E7053469BD6E410C03D747
Requested by
Host: assets.vidora.com
URL: https://assets.vidora.com/js/vidora-client.1.x.x.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.155.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-155-84.dus51.r.cloudfront.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://origin.cairnspost.com.au/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 13 Sep 2021 23:47:55 GMT
via
1.1 8033f9c6b87a03b2eca7c2db5157e10e.cloudfront.net (CloudFront)
server
nginx/1.14.0 (Ubuntu)
x-amz-cf-pop
DUS51-C1
x-cache
Miss from cloudfront
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
k2DAotkkLeNATiw-tVwybEfdAeEs6Vtoz44rGvGL6DR--c66LU3e1g==
expires
Mon, 13 Sep 2021 23:47:54 GMT
id
dpm.demdex.net/
5 KB
2 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=03055498458097323263304950068665511512&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&ts=1631576874952
Requested by
Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-191-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
01882321510fb80820d949adb08960c5eb1a7f641df37963b8ef6633266749c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://origin.cairnspost.com.au/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-usw2-1-v013-0a0fb6c70.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
2t90wSouQjc=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://origin.cairnspost.com.au
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
1543
Expires
Thu, 01 Jan 1970 00:00:00 UTC
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f34d2f89-c21b-0f24-1c02-9e7047c7785d&tv=%7Bc:o8PvE9,pingTime:-10,time:568,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fDB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1631576875037%7C%7C149764609d5588850a232d35d015c819%7C%7C605f01b1409979f1b4f5151f8eefb28a%7C%7C877bfbc791a02677ba47df4e5210f46a%7C%7C45a6fad8abc97e1e9a8fb35a13cdd36a%7C%7C1d19f2f8e458acc360575d45b909d6d8%7C%7C39c74f273a2896a3dbc35201299de668%7C%7C131d62fe1846f48038e37473560fd9b3%7C%7C1629390669%7D
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.236.216 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-236-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:55 GMT
x-server-name
dt47.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
ibs:dpid=358&dpuuid=8185407176802128549
dpm.demdex.net/ Frame F0B8
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=8185407176802128549
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8185407176802128549
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-191-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v013-00af2d7cd.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
taXf9DU7S/M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 23:47:55 GMT
X-Proxy-Origin
216.131.111.4; 216.131.111.4; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
02784738-6934-4665-8e78-49684622fb91
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8185407176802128549
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
s15445403849894
newscorpau.sc.omtrdc.net/b/ss/newscorpau-cpweb-dev,newscorpau-global-dev/1/JS-2.22.0/
43 B
245 B
Image
General
Full URL
https://newscorpau.sc.omtrdc.net/b/ss/newscorpau-cpweb-dev,newscorpau-global-dev/1/JS-2.22.0/s15445403849894?AQB=1&ndh=1&pf=1&t=13%2F8%2F2021%2023%3A47%3A55%201%200&mid=03055498458097323263304950068665511512&aamlh=9&ce=UTF-8&ns=newscorpau&cdp=3&pageName=cp%7Chome%7Chomepage%7Chomepage&g=https%3A%2F%2Forigin.cairnspost.com.au%2F&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent17%3D7%2Cevent18%2Cevent63%3D14&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cthe%20cairns%20post%7Cthe%20cairns%20post%20web%7Chome&l1=hybrid%3A1%7Chybrid-leader-billboard%3A1%7Chalfpage%3A1%7Chybrid%3A2%7Chybrid-leader-portal%3A1%7Cmrec%3A1%7Croadblock-px%3A1&c2=D%3Dv2&v2=the%20cairns%20post&c3=D%3Dv3&v3=the%20cairns%20post%20web&c4=D%3Dv4&v4=home&c9=D%3Dv9&v9=homepage&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=9%3A47%20AM%7CTuesday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c53=D%3Dv53&v53=1.0%2Btheme_newscorpau_news_dna&c60=D%3Dv60&v60=14&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=de%7Che%7Cfrankfurt%7C50.12%7C8.68%7Cgmt%2B1%7Cunknown&v79=de&v80=00000000000000000000000000000000-00000000000000000000000000000000-1631576873108-769562&v111=0&v161=33.69999998807907&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.212.155.93 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-212-155-93.us-west-2.compute.amazonaws.com
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:55 GMT
x-content-type-options
nosniff
x-c
main-1507.I8824ac.M0-513
p3p
CP="This is not a P3P policy"
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
last-modified
Tue, 14 Sep 2021 23:47:55 GMT
server
jag
xserver
anedge-5995c66b97-4bdr8
etag
3503784661427748864-4619768545302039317
vary
*
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, no-transform, private
expires
Sun, 12 Sep 2021 23:47:55 GMT
ibs:dpid=470&dpuuid=4428154673489464949
dpm.demdex.net/ Frame F0B8
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4428154673489464949
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4428154673489464949
Requested by
Host: origin.cairnspost.com.au
URL: https://origin.cairnspost.com.au/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-191-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v013-09183f30d.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
BMsDauV6TPQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4428154673489464949
pragma
no-cache
date
Mon, 13 Sep 2021 23:47:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021090701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.102.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f155.1e100.net
Software
cafe /
Resource Hash
d0e38d38bbab2bcd91d6bc0822809271abed218eea8684a4e0d41355de361157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 23:47:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8474
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYVlerzDCuXlIOZyL04DsDb-EoaLdds7h0_aNu8U6fCC-gb52sesViPH_DT-llBlx8SYfDbkF2Nubm1FsYrX7cvIVZLytkfsR7p8gV1K6bu4cDN6idUamjZ5PWseWL51FhIrUObfu0rwOF1XAQtsqCcc6yKalea5IteqUvok8YKtCSqbm7KxZHKcvejKz9bF9bLls3WNNrgY5QUoznKbXOCZkEFGaffrvqI1hlGN7nSW5i_bkYXROyq5-WxWSMf58wwIGOKBewXcnrzPuDFN5Age6iFELegvs5Fgg_vCN8Gl5FSSYeY48tv7eDwkkmSNmt&sai=AMfl-YS9KCMayk_iTMHI_8Wi-PxY5mNQT_HycZwVJSd9VeG7jwcvNhAZYKSll8seVaQrGenzNk5ztr236ug-&sig=Cg0ArKJSzG4DQY2ErTIzEAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.27.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 13 Sep 2021 23:47:55 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
token
token.rubiconproject.com/ Frame F0B8
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=03031603146135500763302554525253418818&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
78e3bdce5107450057bade54d54a0a7e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.102.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f132.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Mon, 13 Sep 2021 23:47:55 GMT
ibs:dpid=771&dpuuid=&google_error=3
dpm.demdex.net/ Frame F0B8
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDMwMzE2MDMxNDYxMzU1MDA3NjMzMDI1NTQ1MjUyNTM0MTg4MTg=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDMwMzE2MDMxNDYxMzU1MDA3NjMzMDI1NTQ1MjUyNTM0MTg4MTg=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=&google_error=3?gdpr=0&gdpr_consent=
42 B
963 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=&google_error=3?gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-191-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v013-025f30605.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
300,104
X-TID
xGa7XWn+Rlk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=&google_error=3?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
288
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame A040
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.102.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f132.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://origin.cairnspost.com.au/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Thu, 09 Sep 2021 04:25:03 GMT
expires
Fri, 09 Sep 2022 04:25:03 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
415372
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 4221
783 B
531 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.27.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f103.1e100.net
Software
GSE /
Resource Hash
42784bb5748ae3f6b80c1d1cdef3b090ca53dfc816068ddd895897ac1d09f9c1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Xvon5E2GARF9ghrrsN2bZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://origin.cairnspost.com.au/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/

Response headers

expires
Mon, 13 Sep 2021 23:47:55 GMT
date
Mon, 13 Sep 2021 23:47:55 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-Xvon5E2GARF9ghrrsN2bZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
pagead2.googlesyndication.com/bg/ Frame A040
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/SRvJn55X6RWbfV9KOXYL310U_n7bQjLBtP3JEbFBTGg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.102.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f155.1e100.net
Software
sffe /
Resource Hash
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 20:33:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
530047
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13367
x-xss-protection
0
last-modified
Mon, 06 Sep 2021 10:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 20:33:48 GMT
ibs:dpid=903&dpuuid=d6a0f836-cad7-45b3-8aed-4a7f396d966e
dpm.demdex.net/ Frame F0B8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
  • https://dpm.demdex.net/ibs:dpid=903&dpuuid=d6a0f836-cad7-45b3-8aed-4a7f396d966e
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=903&dpuuid=d6a0f836-cad7-45b3-8aed-4a7f396d966e
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-191-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v013-01f95003e.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
YnCt6w/QTUs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:55 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dpm.demdex.net/ibs:dpid=903&dpuuid=d6a0f836-cad7-45b3-8aed-4a7f396d966e
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
189
sodar
pagead2.googlesyndication.com/pagead/ Frame 4221
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021090701&jk=1453676076035191&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.102.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f155.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

ibs:dpid=19566&dpuuid=%s
dpm.demdex.net/ Frame F0B8
Redirect Chain
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
42 B
963 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-191-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v013-0cd9f5f4c.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
QTqXKxrkT38=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:55 GMT
server
nginx
etag
"60b842b2-cde"
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
expires
Mon, 13 Sep 2021 23:47:55 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021090701&jk=1453676076035191&bg=!6uml6a3NAAYT0U73E9E7ACkAdvg8WkOXIwpHEwQjpM3wItAdVdNC2h27bCxTbaQJOOIZE2N6-dNuMgIAAABzUgAAAAhoAQcKAMUVuHBuFNEIemP5A9FFSILGcBggkEeDAJB1g2YC4mIH9AwqC53ZNA8p9-NjVzRCgyjOoZ2NhkQkmNqcBAbxY3QMMd16EjKOyBeyQp7ZHo-MgeMYYAL5nNo_sMK8uFgMP5SlU8m5noO-JP3ghAJ-3-EQ263s4LCyYh-3Ak31VqkQ0nfBAKswZGQnXCK7P7ftNgOzK60vNk0t9k3ZI2G5ieQtNy42cys9pdm_SKhtbJZzh86F5RiikOAG5AOv3j2agqQtAuqez5kCfIoA4fHHrtq9wpYBfwB42rLiN7eBqf6PkLsM3jaKXsPSB9eopOprRSkC4XOe16Ja_-O8jRgWgzu5ggjd3MpVdCLG0lxG0lU1fiY1iWYGZ7g0Ah3fbOv2s6NHvRVjQZVl-b8qLika_UyilZzZIZMF0zzZkVPrrs63CaR2iak1jJiSHLOgXF4pEoYJfEPanDaibmjIqS6arfFgiUOS0ZnUfNsBQZEvCfX6fo2-VwtN_Zs9nTT60_3Wldo7TN0xbl_cMtWPd-rDhbPDZu5bc-vmu3bz2g9_1Q9vULotSsCmAL-hnh6m60Y9o5xfFgttDBVakjjZnQbWf-P-q8szI9VN8GIQcIHWiPD5ZQjVzXisrtW4zoNgy2stoqruNa7a-o72Ea3ITsn5yCP2iQNzaL_CLB3oiE6sN7pv7HCVaU2fLw3ixw6bfWivYahsexJloRyc-vfNI1GiDVoOHb_ZVS5zD5Dqy1uJT_Bg2467hTLf0b5ihV5NhnvNRbOAc-t0XX864w4jcddhKHnBKK6lckUBudUPF0qbh82RN-3AY3z9e1u_oDLzFJDRwlEVA_H2KWU3xIwVKIEzyimSAjTgwJ_sP_6sJUgDlC20QeKMtsDicFR_U64QlF8s5mb4lq7Ue2451Ogxfkjs77VAztITaz8PU4AoBt1Zb--cclR15iLC3evamTgvSv1pFLmuA7Ejgx_xgGnr6KAQ9gQyy4pZ8zMI4e4iwN-H9qLH0GSbMf_kwGV_rculd3kK6t2ssWbZ10G3adoTfmsZlo8-fXtmubSLJxqxzXU0jgPJK_kJE-xno1oAy_wE31zcntar03uvZjUSAyQDIIgvPICJ9-w54w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.102.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f34d2f89-c21b-0f24-1c02-9e7047c7785d&tv=%7Bc:o8PvOB,pingTime:1,time:1216,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:198%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1216,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:198,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1032~100%5D,as:%5B1032~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:103,fm:sIWei3P+1*.10507%7C11%7C12%7C13,idMap:1*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.236.216 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-236-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:55 GMT
x-server-name
dt45.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f34d2f89-c21b-0f24-1c02-9e7047c7785d&tv=%7Bc:o8PvOC,pingTime:1,time:1217,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:198%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1217,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:198,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1033~100%5D,as:%5B1033~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:103,fm:sIWei3P+1*.10507%7C11%7C12%7C13,idMap:1*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.236.216 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-236-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:55 GMT
x-server-name
dt01.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f34d2f89-c21b-0f24-1c02-9e7047c7785d&tv=%7Bc:o8PvOC,pingTime:1,time:1217,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:198%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1217,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:198,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1033~100%5D,as:%5B1033~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:103,fm:sIWei3P+1*.10507%7C11%7C12%7C13,idMap:1*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.236.216 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-236-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:55 GMT
x-server-name
dt50.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f34d2f89-c21b-0f24-1c02-9e7047c7785d&tv=%7Bc:o8PvOC,pingTime:1,time:1217,type:c,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:198%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1217,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:198,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1034~100%5D,as:%5B1034~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:103,fm:sIWei3P+1*.10507%7C11%7C12%7C13,idMap:1*,rmeas:1,rend:1,renddet:DIV.qs.sn,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.236.216 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-236-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:55 GMT
x-server-name
dt43.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
usermatchredir
ssum.casalemedia.com/ Frame F0B8
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
43 B
743 B
Image
General
Full URL
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 23:47:55 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 13 Sep 2021 23:47:55 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 23:47:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
320
Expires
Mon, 13 Sep 2021 23:47:55 GMT
gn
secure-sdk.imrworldwide.com/cgi-bin/
44 B
369 B
Image
General
Full URL
https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b14_homepage_S&asn=homepage&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=1mifg14gklvztimh6ruucxuzr206e1631576873&prv=1&c6=vc,b14&ca=NA&c13=asid,PD1ED8B36-B2EE-413B-ABB5-EB0479D5CCAD&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,amcodrhrplyb2thdctvuraundew4a1631576873&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,1631576873794676&c30=bldv,6.0.0.602&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1631576873579&c3=st,c&c64=starttm,1631576875&adid=1631576873579&c58=isLive,false&c59=sesid,&c61=createtm,1631576874&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Forigin.cairnspost.com.au%2F&c66=mediaurl,&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&c62=sendTime,1631576874&rnd=626483
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.113.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-113-109.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:55 GMT
server
nginx
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-type
image/gif
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
ibs:dpid=30432&dpuuid=CI-aceb5ffec11ec2b3cf195f9251e7511a
dpm.demdex.net/ Frame F0B8
Redirect Chain
  • https://dt.scanscout.com/ssframework/uid?UIAA=03031603146135500763302554525253418818&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
  • https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-aceb5ffec11ec2b3cf195f9251e7511a
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-aceb5ffec11ec2b3cf195f9251e7511a
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-191-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v013-08f2d6f52.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
rwdGqiS/T5s=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-aceb5ffec11ec2b3cf195f9251e7511a
Date
Mon, 13 Sep 2021 23:47:56 GMT
useSecure
true
Server
nginx/1.10.3
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ibs:dpid=30064&dpuuid=22N8lbDzZHOAaM_jAdAjI-_4-YryH6EUJUu3Ebi5BB_U
dpm.demdex.net/ Frame F0B8
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=03031603146135500763302554525253418818&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=03031603146135500763302554525253418818&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=22N8lbDzZHOAaM_jAdAjI-_4-YryH6EUJUu3Ebi5BB_U
42 B
945 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=22N8lbDzZHOAaM_jAdAjI-_4-YryH6EUJUu3Ebi5BB_U
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-191-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v013-0a2350b73.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gIxBaj0FT0E=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=22N8lbDzZHOAaM_jAdAjI-_4-YryH6EUJUu3Ebi5BB_U
Date
Mon, 13 Sep 2021 23:47:56 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
usermatch.gif
beacon.krxd.net/ Frame F0B8
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=03031603146135500763302554525253418818
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=03031603146135500763302554525253418818
0
338 B
Image
General
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=03031603146135500763302554525253418818
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.170.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-170-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1631576876
x-served-by
beacon-n015-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=03031603146135500763302554525253418818
date
Mon, 13 Sep 2021 23:47:56 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a011-ash-prod.krxd.net
ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame F0B8
Redirect Chain
  • https://tags.bluekai.com/site/43981?id=03031603146135500763302554525253418818&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
  • https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
42 B
963 B
Image
General
Full URL
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.186.191.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-186-191-156.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v013-000aa5dde.edge-usw2.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-Error
303,104
X-TID
tuii10ZrR/s=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Date
Mon, 13 Sep 2021 23:47:56 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
pixel
cm.g.doubleclick.net/ Frame F0B8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVQtaktnQUFBRWMwRFFRRQ==
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVQtaktnQUFBRWMwRFFRRQ==&google_tc=
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVQtaktnQUFBRWMwRFFRRQ==&google_tc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.102.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f154.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:56 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WVQtaktnQUFBRWMwRFFRRQ==&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_GGuZ0H04ifyjZaXOv-zcSWPi2B01yj_cdUGTGs7rcfW6KVsX8S4pBMNtr8wtouQgtp9OIKwCuQNaJ51BB0djOn4NB70m7ZHKTDGXiZp0MKgwBctP&sig=Cg0ArKJSzArVz_qtLmXLEAE&id=lidar2&mcvt=1000&p=0,0,5,1&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210910&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2236133184&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&eosm=0&rst=1631576872217&rpt=3096&r=v
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.102.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
rb-in-f155.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:56 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame F0B8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
  • https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YT-jKgAAAEc0DQQE&expires=90
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YT-jKgAAAEc0DQQE&expires=90
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1631576876.358975,VS0,VE0
x-served-by
cache-hhn4051-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YT-jKgAAAEc0DQQE&expires=90
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame F0B8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YT-jKgAAAEc0DQQE
43 B
1003 B
Image
General
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YT-jKgAAAEc0DQQE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.79.88.202 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-79-88-202.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 23:47:56 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 13 Sep 2021 23:47:56 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1631576876.460899,VS0,VE0
x-served-by
cache-hhn4051-HHN
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YT-jKgAAAEc0DQQE
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
setuid
ib.adnxs.com/ Frame F0B8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
  • https://ib.adnxs.com/setuid?entity=158&code=YT-jKgAAAEc0DQQE
0
576 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=158&code=YT-jKgAAAEc0DQQE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 13 Sep 2021 23:47:56 GMT
X-Proxy-Origin
216.131.111.4; 216.131.111.4; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fac49ac2-c47e-4358-9f28-cea9688e2174
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1631576877.565457,VS0,VE0
x-served-by
cache-hhn4051-HHN
x-cache
HIT
location
https://ib.adnxs.com/setuid?entity=158&code=YT-jKgAAAEc0DQQE
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
sd
us-u.openx.net/w/1.0/ Frame F0B8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
  • https://us-u.openx.net/w/1.0/sd?id=537148856&val=YT-jKgAAAEc0DQQE
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YT-jKgAAAEc0DQQE
43 B
180 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YT-jKgAAAEc0DQQE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/16.216.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:56 GMT
via
1.1 google
server
OXGW/16.216.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YT-jKgAAAEc0DQQE
date
Mon, 13 Sep 2021 23:47:56 GMT
via
1.1 google
server
OXGW/16.216.0
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
Pug
image2.pubmatic.com/AdServer/ Frame F0B8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YT-jKgAAAEc0DQQE
1 B
547 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YT-jKgAAAEc0DQQE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 23:47:57 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug002:0:367
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1631576877.767474,VS0,VE0
x-served-by
cache-hhn4051-HHN
x-cache
HIT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YT-jKgAAAEc0DQQE
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
partner
sync.search.spotxchange.com/ Frame F0B8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YT-jKgAAAEc0DQQE&img=1
  • https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YT-jKgAAAEc0DQQE&img=1&__user_check__=1&sync_id=057a3cde-14ed-11ec-b535-1a404fd50106
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YT-jKgAAAEc0DQQE&img=1&__user_check__=1&sync_id=057a3cde-14ed-11ec-b535-1a404fd50106
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Mon, 13 Sep 2021 23:47:57 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
57
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Mon, 13 Sep 2021 23:47:57 GMT
Server
nginx
Location
/partner?adv_id=6409&uid=YT-jKgAAAEc0DQQE&img=1&__user_check__=1&sync_id=057a3cde-14ed-11ec-b535-1a404fd50106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
35
Connection
keep-alive
Content-Length
0
b.php
www.facebook.com/fr/ Frame F0B8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
  • https://www.facebook.com/fr/b.php?p=1531105787105294&e=YT-jKgAAAEc0DQQE&t=2592000&o=0
43 B
1 KB
Image
General
Full URL
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YT-jKgAAAEc0DQQE&t=2592000&o=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.60.216.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-frx5.facebook.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 13 Sep 2021 16:47:57 PDT
content-encoding
br
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;frame-src *.facebook.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
public
x-fb-debug
voQv/D7m4dxJ4hfX/kC2WNKV1OxeOQgAHM7BVExuvVANplFLvnowmKtKFDfVhAZFzYtMJLbYIP5TtWjwmt/mdw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
strict-transport-security
max-age=15552000; preload
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
image/gif
vary
Accept-Encoding
cache-control
public, max-age=0
priority
u=3,i
expires
Mon, 13 Sep 2021 16:47:57 PDT

Redirect headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:56 GMT
via
1.1 varnish
server
Varnish
x-timer
S1631576877.971951,VS0,VE0
x-served-by
cache-hhn4051-HHN
x-cache
HIT
location
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YT-jKgAAAEc0DQQE&t=2592000&o=0
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
cm
trc.taboola.com/sg/adobe/1/ Frame F0B8
43 B
133 B
Image
General
Full URL
https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Mon, 13 Sep 2021 23:47:57 GMT
via
1.1 varnish
server
nginx
x-timer
S1631576877.073973,VS0,VE9
x-served-by
cache-hhn11530-HHN
x-cache
MISS
cache-control
no-cache, no-store
accept-ranges
bytes
x-cache-hits
0
0
sync.1rx.io/usersync/adobe/ Frame F0B8
0
107 B
Image
General
Full URL
https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.45 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://newscorpau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:57 GMT
cache-control
no-store, no-cache, must-revalidate
server
Tengine
expires
0
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f34d2f89-c21b-0f24-1c02-9e7047c7785d&tv=%7Bc:o8PwR7,pingTime:5,time:5216,type:p,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:198%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5216,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:198,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5032~100%5D,as:%5B5032~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:103,fm:sIWei3P+1*.10507%7C11%7C12%7C13,idMap:1*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.236.216 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-236-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:59 GMT
x-server-name
dt35.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx
dt
dt.adsafeprotected.com/
43 B
215 B
Image
General
Full URL
https://dt.adsafeprotected.com/dt?anId=10507&asId=f34d2f89-c21b-0f24-1c02-9e7047c7785d&tv=%7Bc:o8PwR8,pingTime:5,time:5217,type:pf,clog:%5B%7Bpiv:100,vs:i,r:,w:100,h:100,t:198%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5217,o:0,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:i,t:198,wc:0.0.1600.1200,ac:1500.1100.100.100,am:a,cc:0.0.1600.0,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5033~100%5D,as:%5B5033~100.100%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:103,fm:sIWei3P+1*.10507%7C11%7C12%7C13,idMap:1*,rmeas:1,rend:1,renddet:DIV.qs.sn%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.162.236.216 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-162-236-216.compute-1.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://origin.cairnspost.com.au/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 13 Sep 2021 23:47:59 GMT
x-server-name
dt21.va.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
cache-control
no-cache
content-type
image/gif
content-length
43
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
8228261.fls.doubleclick.net
URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CL_o_7-R_fICFXEQiwodF-8Cmg;src=8228261;type=invmedia;cat=newsc011;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=3542778638559.454?
Domain
8228261.fls.doubleclick.net
URL
https://8228261.fls.doubleclick.net/activityi;dc_pre=CPDk_7-R_fICFfOBgwcdhb4Icg;src=8228261;type=invmedia;cat=newsc017;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=4211117518018.8164?
Domain
au-gmtdmp.mookie1.com
URL
https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296522&src.rand=[timestamp]
Domain
26937d65f51c9f448fbb1f148ca99b9f.safeframe.googlesyndication.com
URL
https://26937d65f51c9f448fbb1f148ca99b9f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Domain
www.googleadservices.com
URL
https://www.googleadservices.com/pagead/conversion_async.js

Verdicts & Comments Add Verdict or Comment

252 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect boolean| originAgentCluster object| newscorpau object| _taboola function| toggleText object| utag_data object| TRC object| _tblConsole string| pm_pgtp undefined| msg object| _comscore function| loadjs function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| udm_ object| ns_p object| COMSCORE object| lazySizes object| ads_api object| placementData object| _tfa string| nam boolean| utag_condload object| versaTag boolean| isAsync function| httpGetAsync function| parseResponse object| utag number| _sf_startpt object| _sf_async_config object| _cbq boolean| __tealium_twc_switch object| utag_cfg_ovrd boolean| _tb_dis string| pm_ppy string| _pmep string| _pmep_geo string| _pmpmk boolean| _pmasync boolean| _pmoptimization boolean| _pmoptimizationmanipulation boolean| _pmhp boolean| _pmsb object| pmk object| pmglb object| pmfa object| pmad object| pmdebug_c object| _pmenv object| _pma undefined| _tb_d undefined| _tb_rand object| _pm_ecd string| _tb_vpx function| _pmloadfile function| pmws_request_done function| _tb_getUrlParameter object| vidora function| vidoraTrackExtraElements function| TBClickToPlayVideo function| TBClickToPlayVideoElem function| TBVideoElem function| TBVideoEvents function| TBOptimizationAutoPlayInfoFromXPathAndURL object| _pmk function| TBWidgetVideoPlayer function| TBGenericVideoModule function| TBOtherPlayer function| TBVideoMetaData function| TBVideo function| TBVideoDetectionYoutubeAPI function| TBOptimizationTouchAndClickEventTracker function| TBWidgetStorage object| PMFileLoader object| PMPage object| PMTemplate function| PMTracking function| PMUniversalGA function| PMMdotLabs function| PMComScore function| PMPublisher function| TBOptimization function| PMGlobal function| pmws_getlocation_done object| pmdebug object| pmws object| oi object| _pm_mcg object| newskey object| m object| nb object| vidora_ns object| sectionData boolean| cb_ad_run number| _sf_endpt number| gptPluginLoaded number| gcTicker object| _hjSettings function| hj object| nn object| NOLBUNDLE object| __ni0 number| nielsenSinglePageEvent object| ads_core object| ads_extra object| googletag function| ad_tl_cb number| PREBID_CONV_RATE number| PREBID_TIMEOUT object| __iasPET object| kw_ignore object| mready object| metrics object| mconfig function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_Media object| adobe function| Visitor object| s_c_il number| s_c_in object| s number| sp object| domainArray object| visitor number| s_objectID number| s_giq function| DIL number| width number| height object| utmParts object| intParts function| pbjsChunk object| pbjs object| _pbjsGlobals object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| ncg_data object| GlobalSnowplowNamespace function| _ncg_snowplow object| Snowplow string| matchId object| regeneratorRuntime object| core function| setImmediate function| clearImmediate object| ats object| ggeac object| google_js_reporting_queue object| KAMPYLE_EMBED object| diagPixSentCodes object| __iasAdRefreshConfig object| $jscomp function| $jscomp$lookupPolyfilledValue object| versaTagObj object| EBG object| EBGVT object| EBGUIP string| EBservingMode object| gEBMainWindow object| providersData function| _typeof object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents string| ptclString function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing object| ads_ready undefined| oneTagObj function| ebDecode object| bsResponseObj number| google_srt function| googleCompanionsServicePresent function| googleGetCompanionAdSlots function| googleSetCompanionAdContents function| google_companion_error object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| gaGlobal string| jscVersion object| google_casm function| su object| dicnf object| viewReq function| vu function| mb function| init_ssb function| accbk function| xy function| ss function| st function| ha function| ia function| ja function| ga object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| buildAttribution object| google_logging_queue undefined| goog_delegate_deferred_token object| window_focus_for_click function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb number| __google_lidar_ function| osdlfm number| __google_lidar_adblocks_count_ function| __google_lidar_radf_ string| s_tnt string| f0 object| s_i_newscorpau-cpweb-dev_newscorpau-global-dev object| tbopt object| GoogleGcLKhOms object| google_image_requests

54 Cookies

Domain/Path Name / Value
.scorecardresearch.com/ Name: UID
Value: 1O7FY6J60MAG4GESDHTKIMg1631576873
origin.cairnspost.com.au/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D91fde78e-fa3a-43f9-aad7-010e28d3c3ab-tuct83968a8
.cairnspost.com.au/ Name: utag_main
Value: v_id:017be18f57fe007734c2074529a403073002106b00b08$_sn:1$_se:1$_ss:1$_st:1631578672959$ses_id:1631576872959%3Bexp-session$_pn:1%3Bexp-session
origin.cairnspost.com.au/ Name: _tb_sess_r
Value:
origin.cairnspost.com.au/ Name: _tb_t_ppg
Value: https%3A//origin.cairnspost.com.au/
.cairnspost.com.au/ Name: nc_eu
Value: y
origin.cairnspost.com.au/ Name: _cb_ls
Value: 1
origin.cairnspost.com.au/ Name: _cb
Value: DIsvbLBnThSeBJfjez
origin.cairnspost.com.au/ Name: _chartbeat2
Value: .1631576873695.1631576873695.1.BU40pnDNx8nkDhZ8FODdB2y4Bre7M1.1
origin.cairnspost.com.au/ Name: _cb_svref
Value: null
.cairnspost.com.au/ Name: _ncg_sp_ses.d9d7
Value: *
.cairnspost.com.au/ Name: _ncg_sp_id.d9d7
Value: 6cdb03c5-2dee-4856-8c5b-0ba9337da68a.1631576874.1.1631576874.1631576874.a33093af-cef7-40c7-9004-e339686e3be1
bs.serving-sys.com/ Name: OT_6630
Value: 1
.serving-sys.com/ Name: ActivityInfo2
Value: 004tSUzNV0_
.serving-sys.com/ Name: OT2
Value: 0001DC1p2H
.serving-sys.com/ Name: u2
Value: 9c4bdaff-2c3e-4ea5-a573-52f7945e37c24D3060
.imrworldwide.com/ Name: SSCVER
Value: v1
.imrworldwide.com/ Name: IMRID
Value: 037cd4c0-14ed-11ec-b6bc-bbe3214d1913
.cairnspost.com.au/ Name: _gcl_au
Value: 1.1.1340632287.1631576874
origin.cairnspost.com.au/ Name: vidoraUserId
Value: d1nk4ejs80rb9l3vgshenq4ca2qrac
.demdex.net/ Name: demdex
Value: 03031603146135500763302554525253418818
.cairnspost.com.au/ Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YT-jKgAAAEc0DQQE
.dpm.demdex.net/ Name: dpm
Value: 03031603146135500763302554525253418818
.adnxs.com/ Name: uuid2
Value: 8185407176802128549
.cairnspost.com.au/ Name: s_nr
Value: 1631576875130-New
.cairnspost.com.au/ Name: s_gdslv
Value: 1631576875130
.cairnspost.com.au/ Name: s_gdslv_s
Value: First%20Visit
.cairnspost.com.au/ Name: s_ppn
Value: cp%7Chome%7Chomepage%7Chomepage
.cairnspost.com.au/ Name: tp
Value: 1200
.cairnspost.com.au/ Name: s_ppv
Value: cp%257Chome%257Chomepage%257Chomepage%2C100%2C100%2C1200
.cairnspost.com.au/ Name: s_cc
Value: true
.cairnspost.com.au/ Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg
Value: -637568504%7CMCIDTS%7C18884%7CMCMID%7C03055498458097323263304950068665511512%7CMCAAMLH-1632181675%7C9%7CMCAAMB-1632181675%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1631584075s%7CNONE%7CMCSYNCSOP%7C411-18891%7CMCAID%7CNONE%7CvVersion%7C5.1.1
.turn.com/ Name: uid
Value: 4428154673489464949
.adsrvr.org/ Name: TDID
Value: d6a0f836-cad7-45b3-8aed-4a7f396d966e
.adsrvr.org/ Name: TDCPM
Value: CAESEgoDYWFtEgsI5OjLj97G-zkQBRgFIAEoAjILCPLUoLz0xvs5EAU4AQ..
.casalemedia.com/ Name: CMID
Value: YT-jK5RyIMmMkPtwRa4pCwAA
.casalemedia.com/ Name: CMPS
Value: 3220
.casalemedia.com/ Name: CMPRO
Value: 1147
.eyeota.net/ Name: mako_uid
Value: 17be18f643c-3beb0000010f538d
.eyeota.net/ Name: SERVERID
Value: 21389~DM
.scanscout.com/ Name: uid
Value: CI-aceb5ffec11ec2b3cf195f9251e7511a
.scanscout.com/ Name: UIAA
Value: 03031603146135500763302554525253418818
.scanscout.com/ Name: UIXX_UPDT
Value: "UIAA=1631576876252"
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.casalemedia.com/ Name: CMST
Value: YT-jLGE-4ywA
.casalemedia.com/ Name: CMRUM3
Value: 58613fe32c2760YT-jKgAAAEc0DQQE
.krxd.net/ Name: _kuid_
Value: OXELiaIZ
.openx.net/ Name: i
Value: 8a049665-24aa-48b5-b3dd-22b4fdd6a0ca|1631576876
.demdex.net/ Name: dextp
Value: 358-1-1631576875115|470-1-1631576875216|481-1-1631576875327|771-1-1631576875431|903-1-1631576875536|19566-1-1631576875638|23728-1-1631576875740|30432-1-1631576875843|30064-1-1631576875946|66757-1-1631576876048|134096-1-1631576876151|144230-1-1631576876255|144231-1-1631576876355|144232-1-1631576876457|144233-1-1631576876560|144234-1-1631576876662|144235-1-1631576876764|144236-1-1631576876865|144237-1-1631576876968|147592-1-1631576877070|461447-1-1631576877172
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YT-jKgAAAEc0DQQE&KRTB&23194-YT-jKgAAAEc0DQQE&KRTB&23209-YT-jKgAAAEc0DQQE&KRTB&23244-YT-jKgAAAEc0DQQE
.pubmatic.com/ Name: PugT
Value: 1631576877
.pubmatic.com/ Name: PUBMDCID
Value: 3
.spotxchange.com/ Name: audience
Value: 057a3c85-14ed-11ec-b535-1a404fd50106

23 Console Messages

Source Level URL
Text
network error URL: https://origin.cairnspost.com.au/remote/identity/rampart/latest/rampart.js
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://origin.cairnspost.com.au/wp-json/api/weather/4870
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://tpc.googlesyndication.com/pagead/js/r20210909/r20110914/abg_lite_fy2019.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021090701.js?31062549(Line 5)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://origin.cairnspost.com.au/
Message:
The resource https://origin.cairnspost.com.au/wp-content/themes/newscorpau-news-dna/dist/stylesheets/css-metro-desktop-lazy.css was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Xss-Protection 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1mifg14gklvztimh6ruucxuzr206e1631576873.nuid.imrworldwide.com
26937d65f51c9f448fbb1f148ca99b9f.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
acdn.adnxs.com
adservice.google.com
adservice.google.de
am-trc-events.taboola.com
assets.vidora.com
ats.rlcdn.com
au-gmtdmp.mookie1.com
au.tags.newscgp.com
beacon.krxd.net
bs.serving-sys.com
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.taboola.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
ib.adnxs.com
image2.pubmatic.com
image5.pubmatic.com
images.taboola.com
js.adsrvr.org
match.adsrvr.org
mhr.talk.news.com.au
nebula-cdn.kampyle.com
news-networkeditorial.s3-ap-southeast-2.amazonaws.com
news-networkeditorial.s3.ap-southeast-2.amazonaws.com
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
origin.cairnspost.com.au
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.adsafeprotected.com
pixel.rubiconproject.com
ps.eyeota.net
resourcesssl.newscdn.com.au
s3-ap-southeast-2.amazonaws.com
sb.scorecardresearch.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssum.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.hotjar.com
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
us-u.openx.net
use.fontawesome.com
usermatch.krxd.net
widget.perfectmarket.com
www.facebook.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
26937d65f51c9f448fbb1f148ca99b9f.safeframe.googlesyndication.com
8228261.fls.doubleclick.net
au-gmtdmp.mookie1.com
www.googleadservices.com
104.75.88.194
104.75.88.206
104.79.88.141
104.79.88.147
104.79.88.155
104.79.88.202
104.79.88.36
108.128.170.1
13.226.146.155
13.226.155.103
13.226.155.11
13.226.155.20
13.226.155.27
13.226.155.43
13.226.155.52
13.226.155.81
13.226.155.84
13.226.158.134
13.248.242.197
141.226.228.48
142.250.102.132
142.250.102.154
142.250.102.155
142.250.102.157
142.250.102.97
142.250.27.103
142.250.27.154
151.101.113.175
151.101.114.49
172.67.214.69
185.33.220.243
185.33.221.53
185.60.216.35
185.64.190.80
185.94.180.125
192.0.66.40
199.127.207.182
199.232.137.181
199.232.137.44
213.19.147.45
23.55.163.58
3.124.210.90
34.98.64.218
46.228.164.13
52.18.40.16
52.213.111.123
52.48.113.109
52.57.82.36
52.95.134.223
52.95.134.46
54.162.236.216
54.175.30.11
54.186.191.156
54.194.191.134
54.212.155.93
54.90.48.240
69.173.144.139
69.173.144.165
72.246.100.56
01882321510fb80820d949adb08960c5eb1a7f641df37963b8ef6633266749c0
03e5a0363db4c88e26d041592531853130bef1d37948d99988a18f11bf77779f
0729584fa8db62366357db458cac062c54ba48e1583a5248cbd5c2e07544944c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
10d3af8b76d426226f494942ac4ea6d2ab907168f10f3801023b0af1516fd0c7
137c9bb31df4a8ad161a3235b65eb1db00882a0996a0fc43eb299ff6be8cd3c8
18b8c0b1bf35213f56bc7c768c12378c363322ab4c6b2eb8d70cce94cb10e92f
1b6abcd01d2337e70b8fdde5a150175d2d4a3231d464e25b9cbdb5bac2bfcd2c
1d5be09096b8b52e6d5f10772567c6b02bad4efa7506b468ce3e34739cf32c84
1d5c29fa89d8c1c62950640a2e0acf7eeebb2d06eb4b784f102d2925fa708971
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
26745f8855b4451486086f5ed299a76f5396f09d9003be49e84095ee0922a3e5
280f6a0b839e45e9d74aece7fbe7b8725a1e0458af20276b75fd9ba1e18cbfad
28fafae3e9ce51dacaa2e2e77922dcc08ddd15bb4d1ed3e2af9d3f6e2deead02
292705950984736c0888ee27e4428bb0fa4d77333638a4341487dfb17b773e98
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
2e815306f003abbf49fe17c5473081c8d7df84280a65ee96af4ac5d265076c13
3173e63dd87496532c6373def03655b3225822b0ef0816d976d114e6e382b62b
33f720ff5aefaaa32549928797c687c4435d2db05dee14097c2c06cb34c6dd1b
3435d7b36413d05c102b8d7d0e59f86873ce27b47b3a8b070191c750ca6bbaa7
397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7
3b2994ec6cd1c326c20a981912b23a05f5b1ddd55f3fccabf419e1ee70ee6a56
3c7d74a1a7cd10083f75e287df2c9c9d85bd8616a97a339aa00aa67feec57ac3
41563c51087afa2a73e164e48e3fe5ce1cfe5b9730872a9041f03c7dba161cab
42784bb5748ae3f6b80c1d1cdef3b090ca53dfc816068ddd895897ac1d09f9c1
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
481a0574246e281316ffa0e15399bf5388bb81ae550ce0401a0353b6bb2d1e5a
491bc99f9e57e9159b7d5f4a39760bdf5d14fe7edb4232c1b4fdc911b1414c68
49c60e97e9f4f5b76ac2cff9ea0c843725b79a447082a07d58d1ac10f89a810c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e655f2bdec7a6c4b8013bc3567770463f4af011bac7bb1248ecbc5a8e39bc94
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5de6739e9847c4f4d179a4b69eab45a9d7d893472a354ac7a3d477fc8c0be048
5e505a4a1902bb022a5057e7b68df700a11c5f29ea579a431aa23b6e3f17f0e8
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5ffaa38b1eb97aa761378ac0ab66b43d92aa9a5706b465e5dc99ae2007b440ec
605107a1f70ece4f5a969d2bd7337d9c85e56fcf7a3695828a4b472531e67575
607a27c4574a4fdfc027878106c05fdffc9bf44c926eec0de1395b4132773802
60fcd8324adba2f7d79bfa56c42dedb22021f2cbb211803a103c4d3d39f8d8c4
627f624619aff030ba3563ff816f50a9183c8875698ef101ae4da41346ea3b18
62ec7ef2534215c69b3bdada25a801b44a16bf130553e13c26919dbce658ba57
6744fdcb8927b9f648125e62eaf67dead7b48a34fdb41c063b37ce81ee914da3
6819b8c0c5650d0ca031a2b12f8335f2f0af7457832e2856a4285f1132eecccf
686a56a4d4902f8ffdf569b35b93fd9227f7fe66133752b12556a14392ffd83d
68846b71d18b8e4470d493c486f401b96759df9bc446a288f651ef1ab4970ce6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6f326dd2ffff592f9d63dc27de8360d8dd5e2af2b1f2d1b913ac0c245cacfeba
7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c
727d3b20fbde4e8da6e45309a21a2d17ad3f40f26b9ed4c4340b8bb8ecc4854f
74696de7db3cfc983f841facfdca75dbf4c114af467b05e23fe6d95694cab0fa
7b57c2f5e62f93626db76e9cfe4d628efa534e17e22017582793da4b9ca6eb7b
7bc8d4813d2e392ce29978b9a0daa384be58a6e53fb39409fa3df96f533b9396
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d72217c28ca528df7dfe7073878980a7dcb2410cfe8001b5b0e61fb283591d7
7f980ffcfddfbb4055da9bda5186257486054907e98eb4d3718062948138d73d
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
84b2051c012ad6cb45b30bee85f013ee273962cf42ceba1a4406947bf61655e5
879e933f3b53eee2e470647cb404181936d3ad323ba2599bdec3d09f9d4bfd6d
885f870ef66178ee53e88f6a32afcfb3917806585b7eb3ed43b47a8b6e7cb1e9
8a367bf06b234e926316ba7a691f834622cf35f7ba522728dd1314e0bcb6cf26
8abe8fe3e6ade38b2f7e068c52e9e5c601fcaf49a197e034321cde81d31ba052
8b14426ef95e792e75b3e4562449104788ab5b3b87da5421188ac94fe78ada95
9014d66103b5392d1b4c6f06bae251c17ddb595cdfe900dea5315ab98808e808
9332c57d9087668a5942b845345aaf9eab472783d46db0ac9e2526c848aa2452
96b8a6d0edcf33a808f2e5838e0c51e73073201f390d800183344cbac30a37e2
984b42277d457f58909aeee5d1fdfe6db8eaf0c9abd5e9fb60b57f2289b989bf
9b0a6422cc5bbe24d1ca3574c4bd87943b688594b5dd51a34f828fde41c3a2e5
9d2ced8d279292c52a3dfd3eb6fac8e5a96bf8694eec54b13273abfded0c323c
9fe2218b1dcf95d2e8ed56d64a772090445e02beb9a0089d2d1746f9345c855a
a08c01d451bd2649996e79c2480e43b5ede3f2833fdadc14ef8ab7a99e7a6fca
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
ab732d27774ae2dfc831b822704faf1a6ed395a9b8eeda1cb1cdc7130c4c618f
ac720a002beb828e2b59de3ca998ebdeac987932c69ddd1d3107cb8015fdd98a
ac8d2f2be577b89fdbd26a497ece0c0bc127dd2ed5676119e0055b62e4daf48e
aeafd28221cbbba478a0b1211f707f5699ce15f2eb7e4c853a3cf5dca161b74b
b0c50f803070e67536a06f7be34fe6951bc7becb2a4a5d7ba76b59d02580342e
b112612e264f3d98b0abb697188c6910a8584bb6fff35e1ac2229e96936e4504
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b44ffe26914f8f7758ac2792e8aff5b1f9ef09c209909ed9972f3a8c9db110a4
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b71394594d41941aae976ddac4dfa342fe5329267a6cb6459c9424b3aaab0032
b72c2fa4ec43c5e5bfe4690c354ac6ab02ce346602cb558384cb9929a957cf2f
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c
c90a20bb2cca8d1c2f1107c4025db7beadcf1d6dbcbf387f42d43351725f70f1
cc4cb1016499eb5d88379d9cdf358b0083b7c1b80f00889ce86649a88c746e10
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf508ccd4468488021e4e1fb4a7e93d79a8e6b4d2ee223c5dd9b5c0e33ac8dd3
d0618c645973912e9c8183bada236232eff2800e158115d44226bea2878643e2
d0e38d38bbab2bcd91d6bc0822809271abed218eea8684a4e0d41355de361157
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d5be2c218afb1967771279fae48c65ed29101f2b91b51933e0aacba437a34a29
da2fd84220ee9fc01bb1cd5f584e0fbb0b23ec48f548681dd28c00d1522a1fd0
daae2ab4fc393f578c58eac1904b85466f51f9077c7f42467e2d0e566a32100c
e2abbe6ebb7d5abafb10db02c60fe6ad48562f8a6a6371a8ce324980dc76d664
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6913000ad0d73535ca314d6fce75229b8de1a20ac464247359d710713384596
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f77c5875446869d217093be35007de65b6511aa76ce2bce5214c8754225d42c1