www.geelongadvertiser.com.au Open in urlscan Pro
104.83.196.116 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://click.e.geelongadvertiser.com.au/?qs=0ba8c180a4aae6ce09bc4de0f544f454107be4b237e47f4ee98267b5cfe4d5d4401bd665b08cb10657d8ecc6d805...
Effective URL:
https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%...
Submission: On September 23 via api (September 23rd 2022, 5:05:35 pm UTC) from BE — Scanned from AU

Summary HTTP 275 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 65 IPs in 9 countries across 44 domains to perform 275 HTTP transactions. The main IP is 104.83.196.116, located in Singapore, Singapore and belongs to AKAMAI-AS, US. The main domain is www.geelongadvertiser.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 7th 2022. Valid for: a year.

This is the only time www.geelongadvertiser.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.111.42.176 13.111.42.176	22606 (EXACT-7) (EXACT-7)
5 11	104.83.196.116 104.83.196.116	16625 (AKAMAI-AS) (AKAMAI-AS)
2 10	104.83.196.200 104.83.196.200	16625 (AKAMAI-AS) (AKAMAI-AS)
20	192.0.66.58 192.0.66.58	2635 (AUTOMATTIC) (AUTOMATTIC)
4	104.71.48.190 104.71.48.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.71.48.207 104.71.48.207	16625 (AKAMAI-AS) (AKAMAI-AS)
19	23.199.136.8 23.199.136.8	16625 (AKAMAI-AS) (AKAMAI-AS)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	104.69.149.41 104.69.149.41	16625 (AKAMAI-AS) (AKAMAI-AS)
2	54.82.104.152 54.82.104.152	14618 (AMAZON-AES) (AMAZON-AES)
8	54.192.150.112 54.192.150.112	16509 (AMAZON-02) (AMAZON-02)
11	3.1.114.116 3.1.114.116	16509 (AMAZON-02) (AMAZON-02)
16	151.101.128.176 151.101.128.176	54113 (FASTLY) (FASTLY)
1	52.77.12.90 52.77.12.90	16509 (AMAZON-02) (AMAZON-02)
1	63.140.48.135 63.140.48.135	16509 (AMAZON-02) (AMAZON-02)
1 1	52.221.36.185 52.221.36.185	16509 (AMAZON-02) (AMAZON-02)
1 10	142.251.12.138 142.251.12.138	15169 (GOOGLE) (GOOGLE)
8	54.187.159.182 54.187.159.182	16509 (AMAZON-02) (AMAZON-02)
4	172.217.194.156 172.217.194.156	15169 (GOOGLE) (GOOGLE)
2	157.240.7.26 157.240.7.26	32934 (FACEBOOK) (FACEBOOK)
1	18.155.68.45 18.155.68.45	16509 (AMAZON-02) (AMAZON-02)
4	142.250.4.92 142.250.4.92	15169 (GOOGLE) (GOOGLE)
2	13.224.250.2 13.224.250.2	16509 (AMAZON-02) (AMAZON-02)
2 4	104.254.151.69 104.254.151.69	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	50.116.239.135 50.116.239.135	6336 (TURN-US-ASN) (TURN-US-ASN)
1 1	50.116.239.150 50.116.239.150	6336 (TURN-US-ASN) (TURN-US-ASN)
16	54.187.119.242 54.187.119.242	16509 (AMAZON-02) (AMAZON-02)
2 5	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
3 8	142.251.10.156 142.251.10.156	15169 (GOOGLE) (GOOGLE)
11 17	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	104.83.196.208 104.83.196.208	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.148.34.38 54.148.34.38	16509 (AMAZON-02) (AMAZON-02)
15	142.251.10.94 142.251.10.94	15169 (GOOGLE) (GOOGLE)
1 1	199.127.207.180 199.127.207.180	26120 (RHYTHMONE) (RHYTHMONE)
2	42.99.140.160 42.99.140.160	4637 (ASN-TELST...) (ASN-TELSTRA-GLOBAL Telstra Global)
3	13.224.250.112 13.224.250.112	16509 (AMAZON-02) (AMAZON-02)
4	54.192.150.97 54.192.150.97	16509 (AMAZON-02) (AMAZON-02)
2 2	18.140.27.177 18.140.27.177	16509 (AMAZON-02) (AMAZON-02)
1 1	35.174.143.220 35.174.143.220	14618 (AMAZON-AES) (AMAZON-AES)
1	34.210.169.61 34.210.169.61	16509 (AMAZON-02) (AMAZON-02)
2	63.140.48.177 63.140.48.177	16509 (AMAZON-02) (AMAZON-02)
1 1	23.207.37.206 23.207.37.206	16625 (AKAMAI-AS) (AKAMAI-AS)
8 8	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	74.125.200.154 74.125.200.154	15169 (GOOGLE) (GOOGLE)
4	142.251.12.156 142.251.12.156	15169 (GOOGLE) (GOOGLE)
4	142.251.12.132 142.251.12.132	15169 (GOOGLE) (GOOGLE)
3	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	67.199.150.86 67.199.150.86	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	103.71.26.125 103.71.26.125	132134 (SPOTX-AS-...) (SPOTX-AS-AP SpotXchange)
4	157.240.7.35 157.240.7.35	32934 (FACEBOOK) (FACEBOOK)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	142.251.12.100 142.251.12.100	15169 (GOOGLE) (GOOGLE)
1 6	142.251.10.104 142.251.10.104	15169 (GOOGLE) (GOOGLE)
1	74.118.186.44 74.118.186.44	26120 (RHYTHMONE) (RHYTHMONE)
4	13.210.135.68 13.210.135.68	16509 (AMAZON-02) (AMAZON-02)
1	18.155.68.87 18.155.68.87	16509 (AMAZON-02) (AMAZON-02)
1	13.224.250.29 13.224.250.29	16509 (AMAZON-02) (AMAZON-02)
20	142.250.4.100 142.250.4.100	15169 (GOOGLE) (GOOGLE)
2	18.139.197.60 18.139.197.60	16509 (AMAZON-02) (AMAZON-02)
1	13.224.250.85 13.224.250.85	16509 (AMAZON-02) (AMAZON-02)
1	13.215.111.251 13.215.111.251	16509 (AMAZON-02) (AMAZON-02)
4	52.84.228.218 52.84.228.218	16509 (AMAZON-02) (AMAZON-02)
1	142.251.10.97 142.251.10.97	15169 (GOOGLE) (GOOGLE)
1	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
3 6	142.251.10.149 142.251.10.149	15169 (GOOGLE) (GOOGLE)
4 4	52.74.162.2 52.74.162.2	16509 (AMAZON-02) (AMAZON-02)
4 5	35.213.12.39 35.213.12.39	15169 (GOOGLE) (GOOGLE)
1	35.227.202.26 35.227.202.26	15169 (GOOGLE) (GOOGLE)
4	104.254.151.120 104.254.151.120	29990 (ASN-APPNEX) (ASN-APPNEX)
2	74.125.24.156 74.125.24.156	15169 (GOOGLE) (GOOGLE)
3	3.126.61.30 3.126.61.30	16509 (AMAZON-02) (AMAZON-02)
2 2	103.231.98.194 103.231.98.194	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	74.125.68.156 74.125.68.156	15169 (GOOGLE) (GOOGLE)
2	74.125.200.94 74.125.200.94	15169 (GOOGLE) (GOOGLE)
275	65

1 13.111.42.176 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: click.e.geelongadvertiser.com.au

click.e.geelongadvertiser.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 104.83.196.116 (Singapore, Singapore) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-116.deploy.static.akamaitechnologies.com

www.geelongadvertiser.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
commerceapi.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.83.196.200 (Singapore, Singapore) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-200.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 192.0.66.58 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

dsf.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.71.48.190 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-48-190.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.71.48.207 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-48-207.deploy.static.akamaitechnologies.com

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 23.199.136.8 (Kuala Lumpur, Malaysia)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-136-8.deploy.static.akamaitechnologies.com

subscriptions.geelongadvertiser.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.69.149.41 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-149-41.deploy.static.akamaitechnologies.com

a20352597942.cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.82.104.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-82-104-152.compute-1.amazonaws.com

logx.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.192.150.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-112.sin2.r.cloudfront.net

subscriptions.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 3.1.114.116 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-114-116.ap-southeast-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 151.101.128.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.77.12.90 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-12-90.ap-southeast-1.compute.amazonaws.com

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.140.48.135 (United States)

ASN16509 (AMAZON-02, US)

newscorpau.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.221.36.185 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-36-185.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.251.12.138 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: se-in-f138.1e100.net

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.187.159.182 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-159-182.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.7.26 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-45.sin52.r.cloudfront.net

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.4.92 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f92.1e100.net

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.250.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-2.sin52.r.cloudfront.net

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.254.151.69 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.239.135 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.239.150 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d3273622690172371738-t8729284472680427041.id.amgdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 54.187.119.242 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-187-119-242.stripe.com

r.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 69.173.158.64 (Singapore, Singapore) 2 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.10.156 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 35.71.131.137 (United States) 11 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.83.196.208 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-208.deploy.static.akamaitechnologies.com

image5.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.34.38 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-34-38.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.180 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 42.99.140.160 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-160.pacnet.net

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.250.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-112.sin52.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.192.150.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-97.sin2.r.cloudfront.net

au-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.140.27.177 (Singapore, Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-27-177.ap-southeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.174.143.220 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-174-143-220.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.210.169.61 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-210-169-61.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.48.177 (United States)

ASN16509 (AMAZON-02, US)

metrics.geelongadvertiser.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.207.37.206 (Jakarta, Indonesia) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-37-206.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.130.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.200.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f154.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.12.156 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f156.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net

c1e793a1500f6f593bf682a40481b742.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 67.199.150.86 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.71.26.125 (Singapore, Singapore) 1 redirects

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.7.35 (Singapore, Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.100 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f100.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.10.104 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f104.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.210.135.68 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-210-135-68.ap-southeast-2.compute.amazonaws.com

au.pixel.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.155.68.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-87.sin52.r.cloudfront.net

ncg.tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.250.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-29.sin52.r.cloudfront.net

au.audience.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.4.100 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f100.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.139.197.60 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-139-197-60.ap-southeast-1.compute.amazonaws.com

secure-sdk.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.250.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-85.sin52.r.cloudfront.net

irf9txootzmfmmafcw6jhsra4faf01663952728.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.215.111.251 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-111-251.ap-southeast-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.84.228.218 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-228-218.sin2.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.10.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.10.149 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: sd-in-f149.1e100.net

8228261.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.74.162.2 (Singapore, Singapore) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.213.12.39 (Tokyo, Japan) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.202.26 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 26.202.227.35.bc.googleusercontent.com

au-gmtdmp.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.254.151.120 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.126.61.30 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-61-30.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.231.98.194 (Japan) 2 redirects

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.68.156 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: sc-in-f156.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net

www.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	google.com 2 redirects news.google.com — Cisco Umbrella Rank: 5276 pay.google.com — Cisco Umbrella Rank: 2890 adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2 play.google.com — Cisco Umbrella Rank: 24	498 KB
41	stripe.com js.stripe.com — Cisco Umbrella Rank: 972 q.stripe.com — Cisco Umbrella Rank: 6432 r.stripe.com — Cisco Umbrella Rank: 4376 m.stripe.com — Cisco Umbrella Rank: 898	457 KB
26	geelongadvertiser.com.au 6 redirects click.e.geelongadvertiser.com.au www.geelongadvertiser.com.au subscriptions.geelongadvertiser.com.au metrics.geelongadvertiser.com.au	634 KB
24	newscorpaustralia.com dsf.newscorpaustralia.com — Cisco Umbrella Rank: 628717 login.newscorpaustralia.com — Cisco Umbrella Rank: 76006	462 KB
21	adsrvr.org 11 redirects match.adsrvr.org — Cisco Umbrella Rank: 342 js.adsrvr.org — Cisco Umbrella Rank: 1428 insight.adsrvr.org — Cisco Umbrella Rank: 624	19 KB
21	news.com.au 2 redirects tags.news.com.au — Cisco Umbrella Rank: 51772 subscriptions.news.com.au — Cisco Umbrella Rank: 612719 ncg.tags.news.com.au — Cisco Umbrella Rank: 94296 commerceapi.news.com.au — Cisco Umbrella Rank: 717846	258 KB
16	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 8228261.fls.doubleclick.net — Cisco Umbrella Rank: 110246 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	163 KB
15	gstatic.com www.gstatic.com fonts.gstatic.com	598 KB
12	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 208 newscorpau.demdex.net — Cisco Umbrella Rank: 66394	16 KB
9	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 228 acdn.adnxs.com — Cisco Umbrella Rank: 611 secure.adnxs.com — Cisco Umbrella Rank: 432	11 KB
9	everesttech.net 9 redirects cm.everesttech.net — Cisco Umbrella Rank: 1036 sync-tm.everesttech.net — Cisco Umbrella Rank: 562	2 KB
8	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 c1e793a1500f6f593bf682a40481b742.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 142	42 KB
6	imrworldwide.com cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2458 secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 6490 irf9txootzmfmmafcw6jhsra4faf01663952728.nuid.imrworldwide.com	67 KB
6	serving-sys.com secure-ds.serving-sys.com — Cisco Umbrella Rank: 1967 bs.serving-sys.com — Cisco Umbrella Rank: 1209 lm.serving-sys.com — Cisco Umbrella Rank: 1924	26 KB
6	newscgp.com au.tags.newscgp.com — Cisco Umbrella Rank: 70114 au.pixel.newscgp.com — Cisco Umbrella Rank: 128998 au.audience.newscgp.com — Cisco Umbrella Rank: 142688	49 KB
5	bidswitch.net 4 redirects x.bidswitch.net — Cisco Umbrella Rank: 301	3 KB
5	casalemedia.com 2 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1370 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	4 KB
5	rubiconproject.com 2 redirects token.rubiconproject.com — Cisco Umbrella Rank: 667 pixel.rubiconproject.com — Cisco Umbrella Rank: 335	3 KB
4	yahoo.com 4 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 287	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	752 B
4	dotmetrics.net au-script.dotmetrics.net — Cisco Umbrella Rank: 38507	39 KB
4	pubmatic.com 2 redirects image5.pubmatic.com — Cisco Umbrella Rank: 50237 image2.pubmatic.com — Cisco Umbrella Rank: 883 simage2.pubmatic.com — Cisco Umbrella Rank: 690	1019 B
4	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 705 a20352597942.cdn.optimizely.com — Cisco Umbrella Rank: 681263 logx.optimizely.com — Cisco Umbrella Rank: 1203	86 KB
4	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1002	16 KB
3	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 97372 www.google.com.au — Cisco Umbrella Rank: 24554	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 128	17 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 563	1 KB
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 396	381 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1103 beacon.krxd.net — Cisco Umbrella Rank: 513	528 B
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 961	1 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1039	16 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 152	111 KB
2	wp.com stats.wp.com — Cisco Umbrella Rank: 2621 pixel.wp.com — Cisco Umbrella Rank: 2436	3 KB
1	mookie1.com au-gmtdmp.mookie1.com — Cisco Umbrella Rank: 310341	641 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	46 KB
1	1rx.io sync.1rx.io — Cisco Umbrella Rank: 547	99 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
1	taboola.com trc.taboola.com — Cisco Umbrella Rank: 697	369 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 511	488 B
1	scanscout.com 1 redirects dt.scanscout.com — Cisco Umbrella Rank: 29849	698 B
1	amgdgt.com 1 redirects d3273622690172371738-t8729284472680427041.id.amgdgt.com	386 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1042	545 B
1	omtrdc.net newscorpau.sc.omtrdc.net — Cisco Umbrella Rank: 212259	276 B
1	api.news content.api.news — Cisco Umbrella Rank: 42682	11 KB
275	44

	Domain	Requested by
20	play.google.com	www.gstatic.com
20	dsf.newscorpaustralia.com	www.geelongadvertiser.com.au dsf.newscorpaustralia.com subscriptions.geelongadvertiser.com.au
16	r.stripe.com	js.stripe.com
16	js.stripe.com	subscriptions.geelongadvertiser.com.au js.stripe.com
15	subscriptions.geelongadvertiser.com.au	www.geelongadvertiser.com.au subscriptions.geelongadvertiser.com.au
12	www.gstatic.com	pay.google.com news.google.com www.gstatic.com www.google.com
11	match.adsrvr.org	7 redirects www.geelongadvertiser.com.au js.adsrvr.org
11	dpm.demdex.net	tags.news.com.au
10	news.google.com	1 redirects subscriptions.geelongadvertiser.com.au news.google.com www.geelongadvertiser.com.au www.gstatic.com
10	tags.news.com.au	2 redirects tags.tiqcdn.com au.tags.newscgp.com
8	sync-tm.everesttech.net	8 redirects
8	q.stripe.com	www.geelongadvertiser.com.au
8	subscriptions.news.com.au	client subscriptions.news.com.au
8	www.geelongadvertiser.com.au	5 redirects www.geelongadvertiser.com.au subscriptions.geelongadvertiser.com.au
6	insight.adsrvr.org	4 redirects js.adsrvr.org
6	8228261.fls.doubleclick.net	3 redirects www.geelongadvertiser.com.au
6	www.google.com	1 redirects tpc.googlesyndication.com subscriptions.geelongadvertiser.com.au www.gstatic.com www.google.com www.geelongadvertiser.com.au
5	x.bidswitch.net	4 redirects js.adsrvr.org
4	secure.adnxs.com	www.geelongadvertiser.com.au
4	ups.analytics.yahoo.com	4 redirects
4	js.adsrvr.org	secure-ds.serving-sys.com insight.adsrvr.org
4	au.pixel.newscgp.com	au.tags.newscgp.com
4	www.facebook.com
4	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	adservice.google.com	securepubads.g.doubleclick.net 8228261.fls.doubleclick.net
4	pixel.rubiconproject.com	2 redirects www.geelongadvertiser.com.au
4	au-script.dotmetrics.net	tags.news.com.au au-script.dotmetrics.net
4	cm.g.doubleclick.net	3 redirects
4	ib.adnxs.com	2 redirects www.geelongadvertiser.com.au
4	pay.google.com	js.stripe.com pay.google.com www.geelongadvertiser.com.au www.gstatic.com
4	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net
4	login.newscorpaustralia.com	www.geelongadvertiser.com.au login.newscorpaustralia.com
4	tags.tiqcdn.com	www.geelongadvertiser.com.au subscriptions.geelongadvertiser.com.au tags.tiqcdn.com
3	lm.serving-sys.com	secure-ds.serving-sys.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	dsum-sec.casalemedia.com	www.geelongadvertiser.com.au
3	fonts.gstatic.com	news.google.com www.google.com
3	cdn-gl.imrworldwide.com	tags.news.com.au cdn-gl.imrworldwide.com
2	www.google.com.au	www.geelongadvertiser.com.au
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	simage2.pubmatic.com	2 redirects
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	commerceapi.news.com.au	subscriptions.geelongadvertiser.com.au
2	secure-sdk.imrworldwide.com
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	metrics.geelongadvertiser.com.au	tags.news.com.au
2	ps.eyeota.net	2 redirects
2	secure-ds.serving-sys.com	tags.tiqcdn.com secure-ds.serving-sys.com
2	ssum.casalemedia.com	2 redirects
2	m.stripe.network	js.stripe.com m.stripe.network
2	connect.facebook.net	tags.tiqcdn.com connect.facebook.net
2	logx.optimizely.com	cdn.optimizely.com
1	au-gmtdmp.mookie1.com	www.geelongadvertiser.com.au
1	acdn.adnxs.com	www.geelongadvertiser.com.au
1	www.googletagmanager.com	secure-ds.serving-sys.com
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	irf9txootzmfmmafcw6jhsra4faf01663952728.nuid.imrworldwide.com
1	au.audience.newscgp.com	au.tags.newscgp.com
1	ncg.tags.news.com.au	au.tags.newscgp.com
1	sync.1rx.io
1	www.google-analytics.com	www.gstatic.com
1	trc.taboola.com
1	image2.pubmatic.com
1	c1e793a1500f6f593bf682a40481b742.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com.au	securepubads.g.doubleclick.net
1	tags.bluekai.com	1 redirects
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	dt.scanscout.com	1 redirects
1	m.stripe.com	m.stripe.network
1	image5.pubmatic.com
1	token.rubiconproject.com
1	d3273622690172371738-t8729284472680427041.id.amgdgt.com	1 redirects
1	d.turn.com	1 redirects
1	au.tags.newscgp.com	tags.tiqcdn.com
1	cm.everesttech.net	1 redirects
1	newscorpau.sc.omtrdc.net	tags.news.com.au
1	newscorpau.demdex.net	tags.news.com.au
1	pixel.wp.com	www.geelongadvertiser.com.au
1	content.api.news	www.geelongadvertiser.com.au
1	a20352597942.cdn.optimizely.com	cdn.optimizely.com
1	stats.wp.com	www.geelongadvertiser.com.au
1	cdn.optimizely.com	www.geelongadvertiser.com.au
1	click.e.geelongadvertiser.com.au	1 redirects
275	85

This site contains links to these domains. Also see Links.

Domain
www.newscorpaustraliaprivacy.com
www.dailytelegraph.com.au
www.heraldsun.com.au
www.couriermail.com.au
www.adelaidenow.com.au
www.cairnspost.com.au
www.goldcoastbulletin.com.au
www.ntnews.com.au
www.thechronicle.com.au
www.themercury.com.au
www.townsvillebulletin.com.au
www.theaustralian.com.au
www.news.com.au
preferences.news.com.au

Subject Issuer	Validity	Valid
news.com.au DigiCert SHA2 Secure Server CA	`2022-02-07` - `2023-02-06`	a year	crt.sh
dsf.newscorpaustralia.com R3	`2022-08-28` - `2022-11-26`	3 months	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
cdn.optimizely.com DigiCert SHA2 Secure Server CA	`2021-12-24` - `2022-12-24`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-03` - `2023-06-07`	a year	crt.sh
logx.optimizely.com Amazon	`2022-07-24` - `2023-08-22`	a year	crt.sh
subscriptions.news.com.au Amazon	`2022-05-06` - `2023-06-04`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-11-19`	a year	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-08-31` - `2023-01-10`	4 months	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.news.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-06` - `2022-12-07`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-03` - `2022-10-01`	3 months	crt.sh
au.tags.newscgp.com Amazon	`2022-01-11` - `2023-02-08`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
secure-ds.serving-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-05` - `2023-03-08`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.dotmetrics.net Amazon	`2022-09-23` - `2023-10-21`	a year	crt.sh
metrics.geelongadvertiser.com.au DigiCert TLS RSA SHA256 2020 CA1	`2022-06-17` - `2023-07-18`	a year	crt.sh
*.google.com.au GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-07-29`	a year	crt.sh
www.newsconnect.com.au Amazon	`2022-04-09` - `2023-05-08`	a year	crt.sh
au.audience.newscgp.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.nuid.imrworldwide.com Amazon	`2022-05-12` - `2023-06-10`	a year	crt.sh
bs.serving-sys.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
lm.serving-sys.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh

This page contains 38 frames:

Primary Page: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719
Frame ID: E513A025F330AC6FD01EECCB3CCFBC91
Requests: 91 HTTP requests in this frame

Frame: https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html
Frame ID: C1D53485C28E77896E9BC7CA1D356540
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=O4L1VeAatkTgDxyODmLAS4ZB6NUgoO6k&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Q~INyvYYVubgUcO.Zyv6z1hDY2aSNGAj&nonce=ccyUKKya-49DT4HLNDkgFTKhYpwYLO6m&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: 5F280943AE4BD6F8B2F585D2027BC4C7
Requests: 3 HTTP requests in this frame

Frame: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
Frame ID: F9AA5912DBC8B3AE9D45220FF29FF1CB
Requests: 28 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 08C9A08FD1366E1BD6CB2A86D213CDC1
Requests: 22 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-a450144f0729644038ea734c6a249a07.html
Frame ID: 2394659754C2ED772CEAA79E96F78A9C
Requests: 4 HTTP requests in this frame

Frame: https://js.stripe.com/v3/controller-892160c6bcdb48ec4a3b5a80842f93f8.html
Frame ID: DF0F5DCEF51872A710770D0F0342E64C
Requests: 23 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-google-pay-5d1a9c57339a1507757b454349e146d3.html
Frame ID: 17407D4DE31B694AEA412801054AF27C
Requests: 6 HTTP requests in this frame

Frame: https://js.stripe.com/v3/payment-request-inner-browser-20b77a278eb2028cd229ab03df928a3f.html
Frame ID: 00E9989F73C5700C72B30508CCD56E4E
Requests: 5 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: 1BA8C8DF2D2ABBA57AF20BF0C445C23D
Requests: 4 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au
Frame ID: 8792494DAD309B14792D3ADF7BEDA1A9
Requests: 13 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
Frame ID: 20EF71793FC8A7B7D1219F780A705A11
Requests: 15 HTTP requests in this frame

Frame: https://c1e793a1500f6f593bf682a40481b742.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2ABDD9BAFED216A917220A46FD796198
Requests: 1 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=O4L1VeAatkTgDxyODmLAS4ZB6NUgoO6k&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fsubscriptions.geelongadvertiser.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=jJgzc42HNTzrEXT382C5c_uaXbttkJ3K&nonce=l8KAS5iC0ZLg0.CmFU3.gH7BfM.SNg7T&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D
Frame ID: 07F96817CA0028F302EB2833153CFB2D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1F12C30A5914181B096EC09B154FEE29
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 324E02A9764AA1D2528B43F3C6F9028F
Requests: 2 HTTP requests in this frame

Frame: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Frame ID: 2233B34528107BD9B1B9A332284BE5D5
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 277FC221A6B09312E51DE6FE41C4C769
Requests: 3 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: A42FF92BC332B97BCA0521A2B1D57E3B
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/gtag/js?id=AW-842662438
Frame ID: 97B0079141C8678CA470C439F4C95A66
Requests: 7 HTTP requests in this frame

Frame: https://js.adsrvr.org/up_loader.1.1.0.js
Frame ID: CFE524FD41BB0C4CFA9BCD6E8BCC0BD2
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/up/pixie.js
Frame ID: BEC1CA84167BAF2669FC9B6D09BA162B
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJzAgvuyq_oCFVbycwEdJvkKzw;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8872077585415.14
Frame ID: E753309E1F468E2B261F462D82D11628
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJvLgvuyq_oCFbvAcwEdr4cGLA;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9784097783595.69
Frame ID: B34EA5F92A67F7967ADEE1F243DC941C
Requests: 2 HTTP requests in this frame

Frame: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKvZgvuyq_oCFRjBcwEdvIYIFg;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8856099285917.572
Frame ID: 7722CD3509C74FC2392AEB513C48F25F
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: CE1DC30970CF3502DB13D0E838A979F6
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expiration=1666544730&gdpr=0&gdpr_consent=
Frame ID: 457DB46E01A5C458BF258473728BA2DB
Requests: 1 HTTP requests in this frame

Frame: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
Frame ID: BF8B4D58AB544D0B1EA29EB764C65507
Requests: 1 HTTP requests in this frame

Frame: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expiration=1666544730&gdpr=0&gdpr_consent=
Frame ID: 28020105EBA18EE8CBFF6DC9BBCF0770
Requests: 1 HTTP requests in this frame

Frame: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296536&src.rand=[timestamp]
Frame ID: B7320232A9D2DECD1E6467CE5A4586C8
Requests: 1 HTTP requests in this frame

Frame: https://secure.adnxs.com/px?id=879169&seg=9702350&t=2
Frame ID: D13789C823F10024C75BEFE1F7C83DBB
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmdlZWxvbmdhZHZlcnRpc2VyLmNvbS5hdTo0NDM.&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=wmjfpjgpbgp
Frame ID: 64F30DAEC99C1D837A7E28BAF28E2ECE
Requests: 7 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=xmwilhl&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&upid=gwdsao6&upv=1.1.0
Frame ID: EEC2EAB0CDD00C3C0D2EAF8DCBED0E92
Requests: 2 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&upid=3ausds4&upv=1.1.0
Frame ID: C54B775668EA4E8E898CE17AE1390DCA
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Frame ID: 736D8111BC211FDA83E11E6C63CCFA46
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Frame ID: 89773923216DE9BA717B9BC32652E8A6
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
Frame ID: EB841674D45952AE9E03CBEE93675BF0
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Frame ID: BC9CE840F24A3312943B687D9B2CDC8D
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Subscribe to the Geelong Advertiser

Page URL History Show full URLs

https://click.e.geelongadvertiser.com.au/?qs=0ba8c180a4aae6ce09bc4de0f544f454107be4b237e47f4ee98267b5cfe4d5d4401bd665... HTTP 302
https://www.geelongadvertiser.com.au/truecrimeaustralia/police-courts-geelong/police-arrest-two-people-after-cori... HTTP 302
https://www.geelongadvertiser.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.geelongadvertiser.com.au%2ftr... HTTP 302
https://www.geelongadvertiser.com.au/truecrimeaustralia/police-courts-geelong/police-arrest-two-people-after-cori... HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.a... HTTP 302
https://www.geelongadvertiser.com.au/truecrimeaustralia/police-courts-geelong/police-arrest-two-people-after-cori... HTTP 302
https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelo... HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.a... HTTP 302
https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelo... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

275
Requests

90 %
HTTPS

0 %
IPv6

44
Domains

85
Subdomains

65
IPs

9
Countries

3656 kB
Transfer

10737 kB
Size

81
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: http://www.newscorpaustraliaprivacy.com/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.dailytelegraph.com.au/
Title: dailytelegraph.com.au

Search URL Search Domain Scan URL

URL: https://www.heraldsun.com.au/
Title: heraldsun.com.au

Search URL Search Domain Scan URL

URL: https://www.couriermail.com.au/
Title: couriermail.com.au

Search URL Search Domain Scan URL

URL: https://www.adelaidenow.com.au/
Title: advertiser.com.au

Search URL Search Domain Scan URL

URL: https://www.cairnspost.com.au/
Title: cairnspost.com.au

Search URL Search Domain Scan URL

URL: https://www.goldcoastbulletin.com.au/
Title: goldcoastbulletin.com.au

Search URL Search Domain Scan URL

URL: https://www.ntnews.com.au/
Title: ntnews.com.au

Search URL Search Domain Scan URL

URL: https://www.thechronicle.com.au/
Title: thechronicle.com.au

Search URL Search Domain Scan URL

URL: https://www.themercury.com.au/
Title: themercury.com.au

Search URL Search Domain Scan URL

URL: https://www.townsvillebulletin.com.au/
Title: townsvillebulletin.com.au

Search URL Search Domain Scan URL

URL: https://www.theaustralian.com.au/
Title: theaustralian.com.au

Search URL Search Domain Scan URL

URL: https://www.news.com.au/
Title: news.com.au

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/privacy
Title: here

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://click.e.geelongadvertiser.com.au/?qs=0ba8c180a4aae6ce09bc4de0f544f454107be4b237e47f4ee98267b5cfe4d5d4401bd665b08cb10657d8ecc6d8054488264f5ad6f7df6dff HTTP 302
https://www.geelongadvertiser.com.au/truecrimeaustralia/police-courts-geelong/police-arrest-two-people-after-corio-village-shopping-centre-fight/news-story/7b2ee7da46bfae53f04eddd819e248e8?utm_source=GeelongAdvertiser&utm_medium=email&utm_campaign=Editorial&utm_content=GAD_LATESTNEWS_PM-CUR_01&net_sub_id=426786828&type=curated&position=1&overallPos=2 HTTP 302
https://www.geelongadvertiser.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.geelongadvertiser.com.au%2ftruecrimeaustralia%2fpolice-courts-geelong%2fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2fnews-story%2f7b2ee7da46bfae53f04eddd819e248e8%3futm_source%3dGeelongAdvertiser%26utm_medium%3demail%26utm_campaign%3dEditorial%26utm_content%3dGAD_LATESTNEWS_PM-CUR_01%26net_sub_id%3d426786828%26type%3dcurated%26position%3d1%26overallPos%3d2 HTTP 302
https://www.geelongadvertiser.com.au/truecrimeaustralia/police-courts-geelong/police-arrest-two-people-after-corio-village-shopping-centre-fight/news-story/7b2ee7da46bfae53f04eddd819e248e8?utm_source=GeelongAdvertiser&utm_medium=email&utm_campaign=Editorial&utm_content=GAD_LATESTNEWS_PM-CUR_01&net_sub_id=426786828&type=curated&position=1&overallPos=2 HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.au%2ftruecrimeaustralia%2fpolice-courts-geelong%2fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2fnews-story%2f7b2ee7da46bfae53f04eddd819e248e8%3futm_source%3dGeelongAdvertiser%26utm_medium%3demail%26utm_campaign%3dEditorial%26utm_content%3dGAD_LATESTNEWS_PM-CUR_01%26net_sub_id%3d426786828%26type%3dcurated%26position%3d1%26overallPos%3d2&16639527161017732495 HTTP 302
https://www.geelongadvertiser.com.au/truecrimeaustralia/police-courts-geelong/police-arrest-two-people-after-corio-village-shopping-centre-fight/news-story/7b2ee7da46bfae53f04eddd819e248e8?utm_source=GeelongAdvertiser&utm_medium=email&utm_campaign=Editorial&utm_content=GAD_LATESTNEWS_PM-CUR_01&net_sub_id=426786828&type=curated&position=1&overallPos=2&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952717 HTTP 302
https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium HTTP 302
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dGAWEB_WRE170_a_NWL%26dest%3dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3danonymous%26mode%3dpremium%26offerset%3dga_truecrime_premium&16639527191919234976 HTTP 302
https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://cm.everesttech.net/cm/dd?d_uuid=89173939531797161011850250924033298236 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy3nVQAAAE8A7gN7

Request Chain 84

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8448983277026331092

Request Chain 85

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://d3273622690172371738-t8729284472680427041.id.amgdgt.com/r/telco/tuid/8729284472680427041/duid/3273622690172371738/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D8729284472680427041 HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8729284472680427041

Request Chain 100

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODkxNzM5Mzk1MzE3OTcxNjEwMTE4NTAyNTA5MjQwMzMyOTgyMzY= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODkxNzM5Mzk1MzE3OTcxNjEwMTE4NTAyNTA5MjQwMzMyOTgyMzY=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHlZ4eYyTKzhEY3PoKaLocI&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 103

https://news.google.com/swg/_/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au HTTP 301
https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au

Request Chain 107

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.geelongadvertiser.com.au&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.geelongadvertiser.com.au&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5

Request Chain 111

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy3nVphUhT5XhhjSESdSsQAA%264724

Request Chain 117

https://dt.scanscout.com/ssframework/uid?UIAA=89173939531797161011850250924033298236&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-8db65a0dca16c5f6ff9f8024ff46c3f6

Request Chain 127

https://ps.eyeota.net/match?bid=6j5b2cv&uid=89173939531797161011850250924033298236&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=89173939531797161011850250924033298236&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 129

https://usermatch.krxd.net/um/v2?partner=adobe&id=89173939531797161011850250924033298236 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=89173939531797161011850250924033298236

Request Chain 132

https://tags.bluekai.com/site/43981?id=89173939531797161011850250924033298236&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Request Chain 133

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXkzblZRQUFBRThBN2dONw==

Request Chain 135

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yy3nVQAAAE8A7gN7&expires=90

Request Chain 142

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy3nVQAAAE8A7gN7

Request Chain 143

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Yy3nVQAAAE8A7gN7

Request Chain 145

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yy3nVQAAAE8A7gN7 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Yy3nVQAAAE8A7gN7

Request Chain 146

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nVQAAAE8A7gN7

Request Chain 149

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nVQAAAE8A7gN7&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nVQAAAE8A7gN7&img=1&__user_check__=1&sync_id=ec6d014b-3b61-11ed-85a1-17819dd40207

Request Chain 150

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy3nVQAAAE8A7gN7&t=2592000&o=0

Request Chain 226

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8872077585415.14 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJzAgvuyq_oCFVbycwEdJvkKzw;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8872077585415.14

Request Chain 227

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9784097783595.69 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJvLgvuyq_oCFbvAcwEdr4cGLA;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9784097783595.69

Request Chain 228

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8856099285917.572 HTTP 302
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKvZgvuyq_oCFRjBcwEdvIYIFg;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8856099285917.572

Request Chain 229

https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:sn89jzz&fmt=3 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-wJ6OW2dE2uKTaFMSHDwCUdr3FpiDFMU-~A&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

Request Chain 230

https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:dc3lunr&fmt=3 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-etrAtEhE2uKqQ9yiODltZguXQHb3j3I-~A&gdpr=0&gdpr_consent= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expiration=1666544730&gdpr=0&gdpr_consent=

Request Chain 231

https://insight.adsrvr.org/track/pxl/?adv=xmwilhl&ct=0:nrubs1l&fmt=3 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon

Request Chain 232

https://insight.adsrvr.org/track/pxl/?adv=xmwilhl&ct=0:nucu8f9&fmt=3 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon HTTP 302
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=Y2I1MWY5YTItYWJhYi00NzBiLWFmOGItZTJkZGZhMjYxOWY1&gdpr=0&gdpr_consent=&ttd_tdid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5 HTTP 302
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&google_gid=CAESELI5TasISSSsHc3dp_GI0Mc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expiration=1666544730&gdpr=0&gdpr_consent=

Request Chain 260

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic

Request Chain 261

https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

Request Chain 263

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&r=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dpubmatic HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic

Request Chain 274

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842662438/?random=1203540181&cv=9&fst=1663952730618&num=1&label=Uj4dCI_J9NgBEKaE6JED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&auid=2037797122.1663952730&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=W-ctY7lNxeeu2g-ZsbyoBQ&sscte=1&crd=&pscrd=Ek9DaEVJOExLMW1RWVFsdExBM3RLcnk2Mk5BUkltQURSbS10X3pRcWcwTW5sLTY5cjRMLTdGZ3FFa0dxWUxvVTB1aDVWU283bE5Ha2dtbzZnGlhDaEFJOExLMW1RWVExUHlnamJ5Vms3NG9FaTRBNXNoSERCSXpUczd3Y2RYTmM3S1BHRUZ2eU5NZEhuRDVQZEJzSHFqNThwZk03ekJiZ0MzQzJsb1N0ME50 HTTP 302
https://www.google.com/pagead/1p-conversion/842662438/?random=1203540181&cv=9&fst=1663952730618&num=1&label=Uj4dCI_J9NgBEKaE6JED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&auid=2037797122.1663952730&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExLMW1RWVFsdExBM3RLcnk2Mk5BUkltQURSbS10X3pRcWcwTW5sLTY5cjRMLTdGZ3FFa0dxWUxvVTB1aDVWU283bE5Ha2dtbzZnGlhDaEFJOExLMW1RWVExUHlnamJ5Vms3NG9FaTRBNXNoSERCSXpUczd3Y2RYTmM3S1BHRUZ2eU5NZEhuRDVQZEJzSHFqNThwZk03ekJiZ0MzQzJsb1N0ME50&is_vtc=1&ocp_id=W-ctY7lNxeeu2g-ZsbyoBQ&cid=CAQSKQCsnQUxXJCL9sNGwN-ua8AH9GJqXyt6cDya0mhHXuIh52KNDLtTzlTq&random=962478809&resp=GooglemKTybQhCsO HTTP 302
https://www.google.com.au/pagead/1p-conversion/842662438/?random=1203540181&cv=9&fst=1663952730618&num=1&label=Uj4dCI_J9NgBEKaE6JED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&auid=2037797122.1663952730&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExLMW1RWVFsdExBM3RLcnk2Mk5BUkltQURSbS10X3pRcWcwTW5sLTY5cjRMLTdGZ3FFa0dxWUxvVTB1aDVWU283bE5Ha2dtbzZnGlhDaEFJOExLMW1RWVExUHlnamJ5Vms3NG9FaTRBNXNoSERCSXpUczd3Y2RYTmM3S1BHRUZ2eU5NZEhuRDVQZEJzSHFqNThwZk03ekJiZ0MzQzJsb1N0ME50&is_vtc=1&ocp_id=W-ctY7lNxeeu2g-ZsbyoBQ&cid=CAQSKQCsnQUxXJCL9sNGwN-ua8AH9GJqXyt6cDya0mhHXuIh52KNDLtTzlTq&random=962478809&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hAI-f113yww4_P0U4v05sBEcjw843FFX0LxuzlMCfFO1WB_nxdSaKw0SX1W2kAlRGmM1ev0JsYIG1_QuyKPs3k-

275 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.geelongadvertiser.com.au/subscribe/news/1/
Redirect Chain

https://click.e.geelongadvertiser.com.au/?qs=0ba8c180a4aae6ce09bc4de0f544f454107be4b237e47f4ee98267b5cfe4d5d4401bd665b08cb10657d8ecc6d8054488264f5ad6f7df6dff
https://www.geelongadvertiser.com.au/truecrimeaustralia/police-courts-geelong/police-arrest-two-people-after-corio-village-shopping-centre-fight/news-story/7b2ee7da46bfae53f04eddd819e248e8?utm_sour...
https://www.geelongadvertiser.com.au/remote/check_cookie.html?url=https%3a%2f%2fwww.geelongadvertiser.com.au%2ftruecrimeaustralia%2fpolice-courts-geelong%2fpolice-arrest-two-people-after-corio-vill...
https://www.geelongadvertiser.com.au/truecrimeaustralia/police-courts-geelong/police-arrest-two-people-after-corio-village-shopping-centre-fight/news-story/7b2ee7da46bfae53f04eddd819e248e8?utm_sour...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.au%2ftruecrimeaustralia%2fpolice-courts-geelong%2fpolice-arrest-two-people-after-corio-village-sh...
https://www.geelongadvertiser.com.au/truecrimeaustralia/police-courts-geelong/police-arrest-two-people-after-corio-village-shopping-centre-fight/news-story/7b2ee7da46bfae53f04eddd819e248e8?utm_sour...
https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two...
https://tags.news.com.au/prod/newskey/generator.html?origin=https%3a%2f%2fwww.geelongadvertiser.com.au%2fsubscribe%2fnews%2f1%2f%3fsourceCode%3dGAWEB_WRE170_a_NWL%26dest%3dhttps%253A%252F%252Fwww.g...
https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two...

61 KB
13 KB

835ms
835ms

Document
text/html

104.83.196.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-83-196-116.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

af323e9d24abded64a2063999cb90b9d638e333e16b820e1efa721a9b3195a01

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=1200
content-encoding: gzip
content-length: 11811
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
content-type: text/html; charset=UTF-8
date: Fri, 23 Sep 2022 17:05:20 GMT
expires: Fri, 23 Sep 2022 17:25:20 GMT
host-header: a9130478a60e5f9135f765b23f26593b
is-https: true
server: nginx
vary: User-Agent Accept-Encoding
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
x-opw: 4
x-powered-by: WordPress VIP <https://wpvip.com>
x-robots-tag: noindex, nofollow
x-rq: sin1 0 2 9980
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Redirect headers

cache-control: max-age=2689
content-length: 154
content-type: text/html
date: Fri, 23 Sep 2022 17:05:19 GMT
etag: "33ff9d0c67eb5d47fbc47cd4b02fa26c:1652934576.471666"
location: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
server: AkamaiNetStorage

GET
H2 200 /
dsf.newscorpaustralia.com/geelongadvertiser/_static/ 102 KB
15 KB 290ms
95ms Stylesheet
text/css 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJyNy0EKgCAQheELZUMF4iY6i+kQU6OFY4S3z01Qu5Y/731wHYqi49OjgBMBT5Jh5t1timlONhWQXBjbQLGthwbeYhUI6MkiY8CYP3GwLZgU42Jd+cfr9u4HTWHstB6MNkb3N4fWQbc=
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: decb034877da19aeeff8d72d02419e8637869d680408e609e35b1adb58ae5b38

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:21 GMT
x-rq: syd1 0 2 9980
last-modified: Thu, 22 Sep 2022 17:47:42 GMT
server: nginx
age: 164
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
content-encoding: gzip
content-length: 14680

GET
H2 200 /
dsf.newscorpaustralia.com/geelongadvertiser/_static/ 289 KB
39 KB 386ms
191ms Stylesheet
text/css 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 127ee217132b3ce17c570a754d44573157e26cb5dc28a09cc6dab18eb6e3b01d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:21 GMT
x-rq: syd1 0 2 9980
last-modified: Tue, 20 Sep 2022 18:30:19 GMT
server: nginx
age: 790
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
content-encoding: gzip
content-length: 40062

GET
H2 200 utag.sync.js Show response
tags.tiqcdn.com/utag/newsltd/gea.sops/prod/ 731 B
938 B 771ms
363ms Script
application/x-javascript 104.71.48.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.sync.js?ver=6.0.2
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.48.190 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-48-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: ae6930a532e37f08751b8f294f5f02e79fcb2f89b893c2f2a7dd6b817d6d09b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:23 GMT
last-modified: Thu, 21 Jul 2022 10:14:13 GMT
server: AkamaiNetStorage
etag: "b3cd2f8292c0f4a3c108f882d1896c67:1658398453.971963"
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 731
expires: Fri, 23 Sep 2022 17:10:23 GMT

GET
H2 200 rampart.js Show response
www.geelongadvertiser.com.au/remote/identity/rampart/latest/ 277 KB
83 KB 385ms
382ms Script
application/x-javascript 104.83.196.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geelongadvertiser.com.au/remote/identity/rampart/latest/rampart.js?ver=6.0.2

Requested by

Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-83-196-116.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
vary: User-Agent, Accept-Encoding
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
content-type: application/x-javascript
cache-control: max-age=1722
date: Fri, 23 Sep 2022 17:05:22 GMT
is-https: true
x-opw: 4
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Fri, 23 Sep 2022 17:34:04 GMT

GET
H2 200 20352597942.js Show response
cdn.optimizely.com/js/ 281 KB
84 KB 1090ms
679ms Script
text/javascript 104.71.48.207
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/20352597942.js?ver=6.0.2

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.71.48.207 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-71-48-207.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

9261c4d1593044f0b7105e19b4b7183f79ac9afc4c5d8038e653adfb72370d4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.geelongadvertiser.com.au/
Origin: https://www.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-meta-pci_enabled: False
x-amz-version-id: A45LqsRAwNhEt3jEtpwaKFJ7UT.QVJ6o
content-encoding: gzip
etag: "34385615af6356c11147d428d4a0a910"
x-amz-request-id: 0VKVH0TEV9EA0N3G
x-amz-server-side-encryption: AES256
x-amz-meta-revision: 529
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET, HEAD
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="198";dur=0,cdnip;desc="104.71.48.207";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0
vary: Accept-Encoding
content-length: 85474
x-amz-id-2: PUdf1cnfNjwfq9bMs6rEhhec6g6hDJI4qnxluFxeHmr303AlOOnyG1nGiEeb4wlvGUhV5IdwMMI=
last-modified: Mon, 19 Sep 2022 06:01:13 GMT
server: AmazonS3
date: Fri, 23 Sep 2022 17:05:21 GMT
access-control-max-age: 86400
strict-transport-security: max-age=15768000
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 / Show response
dsf.newscorpaustralia.com/geelongadvertiser/_static/ 98 KB
34 KB 466ms
272ms Script
application/javascript 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZmbGFmYWFmVEWAK/IIi4=
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:21 GMT
x-rq: syd1 0 2 9980
last-modified: Thu, 22 Sep 2022 17:47:42 GMT
server: nginx
age: 915
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
content-encoding: gzip
content-length: 34312

GET
H2 200 subscribe-with-google.svg
dsf.newscorpaustralia.com/geelongadvertiser/wp-content/plugins/dynamic-shop-front/assets/common/images/ 7 KB
3 KB 109ms
106ms Image
image/svg+xml 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/wp-content/plugins/dynamic-shop-front/assets/common/images/subscribe-with-google.svg
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 09522073c5b65206a3115d5cd52bb393ad0915bb1c7b5d6455c14bca8e21f99f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
content-encoding: gzip
x-rq: syd1 0 2 9980
last-modified: Thu, 15 Sep 2022 12:31:30 GMT
server: nginx
age: 22
etag: W/"63231b22-1ceb"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2957
expires: Sat, 23 Sep 2023 17:05:22 GMT

GET
H2 200 extended-access.js Show response
subscriptions.geelongadvertiser.com.au/google-loader/ 257 KB
65 KB 1629ms
525ms Script
text/javascript 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/google-loader/extended-access.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

6586fcb06dd096b64abb602bc66800564691569011681db3f8b0cc59083be81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 05:33:06 GMT
x-amz-cf-pop: SIN2-C1
etag: "6b6402adbcd2faa698b56a9b0e92a7c8"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=42
strict-transport-security: max-age=600
accept-ranges: bytes
content-length: 66273
x-amz-cf-id: h3x61MdS1OYTcOXMi8ZzRgudp93sZGpPbWhApTUNrI7cTu4StvGVUA==

GET
H2 200 loader.js Show response
subscriptions.geelongadvertiser.com.au/loader/ 261 KB
79 KB 1251ms
1136ms Script
text/javascript 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/loader/loader.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

89da578aaa16b9713b817c3b4dcb76703649c53e3dcc770e1ef2b1cba12c2231

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 06:02:39 GMT
x-amz-cf-pop: NRT12-C3
etag: "8ae849c6a0d1a237e642cb036e6f419a"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
strict-transport-security: max-age=600
accept-ranges: bytes
x-amz-cf-id: 513SON-MNk1G18DrHRZgsdgdpA0ZUSB-2UMPNSaj7LCZ86kp1OF50g==

GET
H2 200 / Show response
dsf.newscorpaustralia.com/geelongadvertiser/_static/ 60 KB
17 KB 98ms
94ms Script
application/javascript 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??/wp-content/plugins/dynamic-shop-front/assets/dist/js/dsf-front.build.js,/wp-content/themes/dynamic-shopfront/js/navigation.js?m=1663335841j
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1e119e9797d74ca45555e33fabec6cba1a2c70c0e0e0960d48495cda61572b08

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
x-rq: syd1 0 2 9980
last-modified: Fri, 16 Sep 2022 13:44:01 GMT
server: nginx
age: 916
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=300, must-revalidate
accept-ranges: bytes
content-encoding: gzip
content-length: 16816

GET
H2 200 e-202238.js Show response
stats.wp.com/ 9 KB
3 KB 290ms
94ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202238.js
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-nc: HIT syd
date: Fri, 23 Sep 2022 17:05:22 GMT
content-encoding: br
server: nginx
etag: W/"61ad9f55-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 10 Sep 2023 23:44:57 GMT

GET
H2 200 SourceSansPro-Regular.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 83 KB
83 KB 457ms
265ms Font
font/woff2 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-Regular.woff2
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f2696e8eb9d876987998374c51e4d14a24f6f24a23fe697493ebf761c3bcc4b9

Request headers

Referer: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
Origin: https://www.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
content-encoding: gzip
age: 124
x-cache: hit
content-length: 84664
x-rq: syd1 0 2 9980
last-modified: Thu, 15 Sep 2022 12:31:30 GMT
server: nginx
etag: W/"63231b22-14aec"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 17:05:22 GMT

GET
H2 200 we-are-for-you.svg
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/ 4 KB
2 KB 99ms
98ms Image
image/svg+xml 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/we-are-for-you.svg
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 86e8ed098febe4691b72980ac9bb22f6370cd6fb7fd50f2fc3ca41f5a24c6ed7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
content-encoding: gzip
x-rq: syd1 0 2 9980
last-modified: Thu, 15 Sep 2022 12:31:30 GMT
server: nginx
age: 96
etag: W/"63231b22-1177"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1934
expires: Sat, 23 Sep 2023 17:05:22 GMT

GET
H2 200 logo.svg
dsf.newscorpaustralia.com/geelongadvertiser/wp-content/plugins/dynamic-shop-front/assets/mastheads/identity/images/geelongadvertiser/ 7 KB
3 KB 101ms
100ms Image
image/svg+xml 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/wp-content/plugins/dynamic-shop-front/assets/mastheads/identity/images/geelongadvertiser/logo.svg
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ce0521f284da500d2370fa55cb67572b396580e84c0a5a5c3a9513c1928ee665

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
content-encoding: gzip
x-rq: syd1 0 2 9980
last-modified: Thu, 15 Sep 2022 12:31:30 GMT
server: nginx
age: 22
etag: W/"63231b22-1a23"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2895
expires: Sat, 23 Sep 2023 17:05:22 GMT

GET
H2 200 a20352597942.html Show response
a20352597942.cdn.optimizely.com/client_storage/ Frame C1D5 2 KB
1 KB 520ms
177ms Document
text/html 104.69.149.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://a20352597942.cdn.optimizely.com/client_storage/a20352597942.html

Requested by

Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js?ver=6.0.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.69.149.41 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-69-149-41.deploy.static.akamaitechnologies.com

Software

AmazonS3 /

Resource Hash

3d9485951bf56456afeab1b1f542cbac2f28baa83501b86994c7cadaa6f41dff

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=120
content-encoding: gzip
content-length: 874
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 17:05:22 GMT
etag: "7da48bf8d6103a24c52571a0b4c4f4aa"
last-modified: Mon, 19 Sep 2022 06:01:08 GMT
server: AmazonS3
server-timing: cdn;desc="AkamaiION";dur=0,rtt;desc="169";dur=0,cdnip;desc="104.69.149.41";dur=0,cdnmap;desc="a4728.x.akamaiedge.net";dur=0,proto;desc="h2";dur=0
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-amz-id-2: JSvWS93hZ4+ptINCj5DxZ6lk/993ZyPJIkPOrhkzOb5h6u6pJXpgjJ95TmpqiN+AZLfqMshWDBE=
x-amz-meta-pci_enabled: False
x-amz-replication-status: COMPLETED
x-amz-request-id: QM4F92X33NXW6R9E
x-amz-server-side-encryption: AES256
x-amz-version-id: x64rowahZJ7rSIT_RXFBo3PpWipBIlLt

GET
H2 200 SourceSansPro-SemiBold.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 82 KB
82 KB 446ms
265ms Font
font/woff2 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-SemiBold.woff2
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0b3376aa27741ca90899fed12bcccbf1ea22edb596846ba6b26e263463686590

Request headers

Referer: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
Origin: https://www.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
content-encoding: gzip
age: 281
x-cache: hit
content-length: 83897
x-rq: syd1 0 2 9980
last-modified: Thu, 15 Sep 2022 12:31:30 GMT
server: nginx
etag: W/"63231b22-14808"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 17:05:22 GMT

GET
H2 200 charter_bold-webfont.woff
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 28 KB
28 KB 445ms
264ms Font
font/woff 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/charter_bold-webfont.woff
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8640916aba1207e4fcff9c894252543689989434cd9fc0dabd4cee60b3e763a5

Request headers

Referer: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
Origin: https://www.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
content-encoding: gzip
age: 281
x-cache: hit
content-length: 28403
x-rq: syd1 0 2 9980
last-modified: Thu, 15 Sep 2022 12:31:30 GMT
server: nginx
etag: W/"63231b22-6f0c"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 17:05:22 GMT

GET
H2 200 SourceSansPro-Italic.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 35 KB
35 KB 446ms
265ms Font
font/woff2 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-Italic.woff2
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c33c60d014227b42c513820e6d750cced736cda305beb7d6a20e35afe502648c

Request headers

Referer: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
Origin: https://www.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
content-encoding: gzip
age: 124
x-cache: hit
content-length: 35529
x-rq: syd1 0 2 9980
last-modified: Thu, 15 Sep 2022 12:31:30 GMT
server: nginx
etag: W/"63231b22-8aa8"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 17:05:22 GMT

GET
H2 200 SourceSansPro-Bold.woff2
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 82 KB
82 KB 411ms
230ms Font
font/woff2 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/SourceSansPro-Bold.woff2
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d422eaf41ab920c8ce99379cec61f704b1710b183c0a0523986906851e0a0ab

Request headers

Referer: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
Origin: https://www.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
content-encoding: gzip
age: 26
x-cache: hit
content-length: 83373
x-rq: syd1 0 2 9980
last-modified: Thu, 15 Sep 2022 12:31:30 GMT
server: nginx
etag: W/"63231b22-1460c"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 17:05:22 GMT

GET
H2 200 charter_italic-webfont.woff
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/ 29 KB
29 KB 277ms
97ms Font
font/woff 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/fonts/charter_italic-webfont.woff
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0fc8a6e495e7cd447608aea7e0cd59b0e79bd4e74822d428c53880ac0db6c469

Request headers

Referer: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
Origin: https://www.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
content-encoding: gzip
age: 150
x-cache: hit
content-length: 29377
x-rq: syd1 0 2 9980
last-modified: Thu, 15 Sep 2022 12:31:30 GMT
server: nginx
etag: W/"63231b22-72d4"
vary: X-Mobile-Class
access-control-allow-methods: GET, HEAD
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Sat, 23 Sep 2023 17:05:22 GMT

GET
H2 200 avatar.svg
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/ 264 B
312 B 97ms
95ms Image
image/svg+xml 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/avatar.svg
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e30565d344697a80f05882c11755c6d6a71626791bbc124df343b5edc7901312

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
x-rq: syd1 0 2 9980
last-modified: Thu, 15 Sep 2022 12:31:30 GMT
server: nginx
age: 96
etag: "63231b22-108"
vary: X-Mobile-Class
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 264
expires: Sat, 23 Sep 2023 17:05:22 GMT

GET
H2 200 6a3690503c4d3761ddff243b46129cd8
content.api.news/v3/images/bin/ 11 KB
11 KB 911ms
910ms Image
image/jpeg 104.83.196.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/6a3690503c4d3761ddff243b46129cd8?width=320
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-116.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: eb9238478e06de700052e21de7855286b1541fa73ca3ae4b1bc75131f8bebff2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

edge-cache-tag: 6a3690503c4d3761ddff243b46129cd8
date: Fri, 23 Sep 2022 17:05:22 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 5eee299b66cefa8eb31fd6638c00805c-6a3690503c4d3761ddff243b46129cd8-320
x-serial: 39
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=5146139
last-modified: Fri, 23 Sep 2022 06:34:15 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 11309
expires: Tue, 22 Nov 2022 06:34:21 GMT

GET
H2 200 Masthead-Digital.png
dsf.newscorpaustralia.com/geelongadvertiser/wp-content/uploads/sites/71/2021/05/ 1 KB
1 KB 96ms
95ms Image
image/webp 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/wp-content/uploads/sites/71/2021/05/Masthead-Digital.png?w=251
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b214604855c1eb69b60f85893074a0a075a15473729bca9cc3dde3b5d1009ce

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
x-rq: syd1 118 20 443
last-modified: Wed, 20 Jul 2022 16:36:42 GMT
server: nginx
etag: "3b69b655274626e0"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1038
expires: Thu, 20 Jul 2023 16:36:42 GMT

GET
H2 200 icon-premium.png
dsf.newscorpaustralia.com/central/wp-content/uploads/sites/8/2021/05/ 286 B
396 B 97ms
96ms Image
image/webp 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/central/wp-content/uploads/sites/8/2021/05/icon-premium.png?w=22
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2de22d2cce6ccf2563f2b8f8ebf6840fcb0915a8fbe0d3e88a4321b8d0b6b8ea

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
x-rq: syd1 113 117 443
last-modified: Wed, 20 Jul 2022 16:27:13 GMT
server: nginx
etag: "6f640ad3fb0d149b"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 286
expires: Thu, 20 Jul 2023 16:27:13 GMT

GET
H2 200 icon-faq-plus.png
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/ 466 B
550 B 155ms
154ms Image
image/png 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/icon-faq-plus.png
Requested by: Host: dsf.newscorpaustralia.com
URL: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 48e995c834f9cbb64904650cbb722ab0c92effb6c59cf493aa055fcc1fc0417a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://dsf.newscorpaustralia.com/geelongadvertiser/_static/??-eJxljtsKwjAMhl/ILpRBcRfis9QsrnU9sWSMvr21KChe/vn+Q+AoCnMSSgIl7ItPDHNNNnpU7HJR961RsMwkjXgWQGa4hYxr09aHKhRo2Wxx0L1D4yf4qhVHkX5bu1Gh82EGlhroLxR39XnnQVIsrkrrYezj78Mrc40XbcxoprPR0xM5uktO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
x-rq: syd1 0 2 9980
last-modified: Thu, 01 Sep 2022 11:41:13 GMT
server: nginx
age: 865015
etag: "63109a59-1d2"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 466
expires: Sat, 23 Sep 2023 17:05:22 GMT

GET
H2 200 Masthead-Digital.png
dsf.newscorpaustralia.com/geelongadvertiser/wp-content/uploads/sites/71/2021/05/ 1 KB
1 KB 145ms
145ms Image
image/webp 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/geelongadvertiser/wp-content/uploads/sites/71/2021/05/Masthead-Digital.png
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6b214604855c1eb69b60f85893074a0a075a15473729bca9cc3dde3b5d1009ce

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
x-rq: syd1 118 20 443
last-modified: Wed, 20 Jul 2022 16:36:41 GMT
server: nginx
etag: "f3b6a6619219a790"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1038
expires: Thu, 20 Jul 2023 16:36:41 GMT

GET
H2 200 icon-phone.png
dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/ 337 B
390 B 146ms
146ms Image
image/png 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsf.newscorpaustralia.com/wp-content/plugins/dynamic-shop-front/assets/common/images/icon-phone.png
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4e1a4f2c605f26bcf80a2cd8e5d48e887c2062a53cd1d993cb05250223e386a6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:22 GMT
x-rq: syd1 0 2 9980
last-modified: Thu, 01 Sep 2022 11:41:13 GMT
server: nginx
age: 865001
etag: "63109a59-151"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 337
expires: Sat, 23 Sep 2023 17:05:22 GMT

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
373 B 1164ms
292ms XHR
text/plain 54.82.104.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js?ver=6.0.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.104.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-104-152.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 23 Sep 2022 17:05:24 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: 15fde55f-02b7-4f4b-bd64-895adcd0f6e9

GET
H2 200 SourceSansPro.css
subscriptions.news.com.au/media/fonts/SourceSansPro/ 2 KB
2 KB 519ms
170ms Stylesheet
text/css 54.192.150.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-112.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 388d1df3fdfee665c3bc7d059e42500524e8f180febba13620847ec8b836fd33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: BU9pslV_1tk2oM9KNiljnrkOp3wYAVog
via: 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:42 GMT
server: AmazonS3
age: 52217
etag: "2a13a755f725cea2c202bc30af451d10"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
date: Fri, 23 Sep 2022 02:35:08 GMT
x-amz-cf-pop: SIN2-C1
accept-ranges: bytes
content-length: 2173
x-amz-cf-id: 4yb4yQ1J3KlFpLq8dYugckXaS1otpxNGWA-iQq75msn5GEbjeUotAA==

GET
H2 200 Charter.css
subscriptions.news.com.au/media/fonts/Charter/ 2 KB
2 KB 522ms
173ms Stylesheet
text/css 54.192.150.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-112.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccda4fea5d95b6e07fadfff761f20fd106531b7f780fe470aa565f4c365301d7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: 78tZPx9F6ldnoT3vI7OxzT3AZa.JXQqe
via: 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:10 GMT
server: AmazonS3
age: 63420
etag: "9d796e9621f8bd2ea24552819973cb20"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
date: Thu, 22 Sep 2022 23:28:24 GMT
x-amz-cf-pop: SIN2-C1
accept-ranges: bytes
content-length: 1635
x-amz-cf-id: fHs8lotj4hBRDz-8DpTiDIUkM4mc-M2H7cZF62jqWgJeDH27N9r2OQ==

GET
H2 200 adobe_visitor.js Show response
tags.news.com.au/prod/visitor/ 60 KB
20 KB 319ms
319ms Script
application/x-javascript 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.sync.js?ver=6.0.2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1bc3625c4e923d79a85677113b548e5444129ead716d43e10e2a6e9d56939143

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:24 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "762b36524699d0c801c527b6e71f35e4:1593471758.804374"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=54430
content-type: application/x-javascript
content-length: 19871

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 99ms
97ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A11.3.1&blog=194448607&post=5&tz=10&srv=dsf.newscorpaustralia.com&hp=vip&host=www.geelongadvertiser.com.au&ref=&fcp=8779&rand=0.08613177378297787
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 23 Sep 2022 17:05:24 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 5F28 2 KB
3 KB 642ms
641ms Document
text/html 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=O4L1VeAatkTgDxyODmLAS4ZB6NUgoO6k&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=Q~INyvYYVubgUcO.Zyv6z1hDY2aSNGAj&nonce=ccyUKKya-49DT4HLNDkgFTKhYpwYLO6m&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D

Requested by

Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/remote/identity/rampart/latest/rampart.js?ver=6.0.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

a6a5df45585507bf19411bd1c1b44eeabd7b4c1f4e0d0862e3d63f56f6390772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 74f4dd6ddb1e7395-JHB
content-encoding: gzip
content-length: 810
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type: text/html;charset=UTF-8
date: Fri, 23 Sep 2022 17:05:24 GMT
expires: Fri, 23 Sep 2022 17:05:24 GMT
ot-baggage-auth0-request-id: 74f4dd6ddb1e7395
ot-tracer-sampled: true
ot-tracer-spanid: 681b4c01516d2b2d
ot-tracer-traceid: 39b6429d519fea5f
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-681b4c01516d2b2d-000000000000000039b6429d519fea5f-01
tracestate: auth0-request-id=74f4dd6ddb1e7395,auth0=true
vary: Accept-Encoding
x-akamai-transformed: 9 548 0 pmb=mTOE,3
x-auth0-requestid: 90fa96e8004ed850f2e8
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1663952725

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 689ms
174ms XHR
application/json 3.1.114.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.5.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1663952724398

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.1.114.116 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-114-116.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

e040dafbba27341d432638041fef9d6696745285ad9660674c1e0bc7e33b808e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-apse-1-v038-0ed51c3f7.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: myvjEfaET2Y=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1566
Expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 403 csp-reports
login.newscorpaustralia.com/ 0
0 1467ms
370ms Other
text/html 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/csp-reports
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-136-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

GET 2970e277
login.newscorpaustralia.com/akam/13/ Frame 5F28 0
0

GET 1McDhLIVMB
login.newscorpaustralia.com/aXHkEKIDVd/_e/DE4odUOX/EbiOVQGS/RV89Lg/dl/ Frame 5F28 0
0

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/gea.sops/prod/ 51 KB
14 KB 662ms
661ms Script
application/x-javascript 104.71.48.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Requested by: Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/loader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.48.190 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-48-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8ff331fb48dd93bc0b5b72afcc873abc11c0a97e3a2bed8b88f2e3c820aad630

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:25 GMT
content-encoding: gzip
last-modified: Thu, 21 Jul 2022 10:14:14 GMT
server: AkamaiNetStorage
etag: "c82de1752ae7335bc386a08ac584f89e:1658398454.179733"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 13848
expires: Fri, 23 Sep 2022 17:10:25 GMT

GET
H2 200 index.html Show response
subscriptions.geelongadvertiser.com.au/caas/ Frame F9AA 759 B
1 KB 573ms
573ms Document
text/html 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/loader/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

3a12cd2061c21c0041d63028abb671b7227b2cbcbac54ee7e93430f5daa6f5b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=0, no-cache, no-store
content-length: 759
content-type: text/html
date: Fri, 23 Sep 2022 17:05:24 GMT
etag: "253f63d507f6cd6cd0295259a57a917b"
expires: Fri, 23 Sep 2022 17:05:24 GMT
last-modified: Tue, 30 Aug 2022 05:12:00 GMT
pragma: no-cache
strict-transport-security: max-age=600
x-amz-cf-id: PYMgLqSt6LapV63B3M8lgVgV7A8IWbCsOOkogeAq8f-NIAMDKkFNSw==
x-amz-cf-pop: SIN2-C1

GET
H2 200 / Show response
js.stripe.com/v3/ 345 KB
84 KB 432ms
86ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/loader/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

95cc102d61755c53c91fc8a58f6dd2c802cf284e9dc6ac46dee450434f26461b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 4
x-cache: HIT
content-length: 85138
etag: "95ee58da12c1db3c8fd77b73faa194de"
x-request-id: d7739e18-8e0c-4b57-91e3-764c73007633
x-served-by: cache-mel11235-MEL
access-control-allow-origin: *
last-modified: Fri, 23 Sep 2022 16:44:29 GMT
server: Fastly
date: Fri, 23 Sep 2022 17:05:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 4

GET
H2 200 extended-access.js Show response
subscriptions.geelongadvertiser.com.au/google-loader/ 257 KB
65 KB 543ms
543ms Script
text/javascript 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/google-loader/extended-access.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/loader/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

6586fcb06dd096b64abb602bc66800564691569011681db3f8b0cc59083be81d

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:24 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 05:33:06 GMT
x-amz-cf-pop: SIN2-C1
etag: "6b6402adbcd2faa698b56a9b0e92a7c8"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=40
strict-transport-security: max-age=600
accept-ranges: bytes
content-length: 66273
x-amz-cf-id: h3x61MdS1OYTcOXMi8ZzRgudp93sZGpPbWhApTUNrI7cTu4StvGVUA==

GET
H/1.1 200
OK dest5.html Show response
newscorpau.demdex.net/ Frame 08C9 7 KB
3 KB 682ms
171ms Document
text/html 52.77.12.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.77.12.90 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-77-12-90.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-apse-1-v038-0dae3cf57.edge-apse.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: aA4A/7twST4=
content-encoding: gzip
date: Fri, 23 Sep 2022 17:05:25 GMT
last-modified: Mon, 19 Sep 2022 08:53:39 GMT
vary: accept-encoding

GET
H2 200 id Show response
newscorpau.sc.omtrdc.net/ 2 B
276 B 516ms
172ms XHR
application/x-javascript 63.140.48.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.sc.omtrdc.net/id?d_visid_ver=4.5.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=89195195664829714231848134108232064550&ts=1663952725095

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.48.135 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 23 Sep 2022 17:05:25 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.geelongadvertiser.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 2
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Yy3nVQAAAE8A7gN7
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=89173939531797161011850250924033298236
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy3nVQAAAE8A7gN7

42 B
942 B

184ms
174ms

Image
image/gif

3.1.114.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy3nVQAAAE8A7gN7

Protocol

HTTP/1.1

Server

3.1.114.116 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-114-116.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v038-0de376178.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 518owvFgTSM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Yy3nVQAAAE8A7gN7
Date: Fri, 23 Sep 2022 17:05:25 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 m-outer-a450144f0729644038ea734c6a249a07.html Show response
js.stripe.com/v3/ Frame 2394 186 B
772 B 85ms
85ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-a450144f0729644038ea734c6a249a07.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f6b79bfd9363ba4f751ad41230d958bbe7d2536386e57cbf3270c01aefbb09da

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 2098
cache-control: max-age=31536000
content-encoding: br
content-length: 114
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 17:05:25 GMT
etag: "a450144f0729644038ea734c6a249a07"
last-modified: Fri, 23 Sep 2022 16:28:15 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 51
x-content-type-options: nosniff
x-request-id: 98261a09-ff0f-4e56-94d0-cd8d97af8027
x-served-by: cache-mel11235-MEL

GET
H2 200 controller-892160c6bcdb48ec4a3b5a80842f93f8.html Show response
js.stripe.com/v3/ Frame DF0F 297 B
611 B 86ms
85ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/controller-892160c6bcdb48ec4a3b5a80842f93f8.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

437243047ed330d9a1e4d159689b3a60d8a87c6f6e9797f66c636fe9a831982e

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 22
cache-control: max-age=60
content-encoding: br
content-length: 143
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://merchant-ui-api.stripe.com https://errors.stripe.com https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self' 'sha256-0hAheEzaMe6uXIKV4EehS9pu1am1lj/KnnzrOYqckXk='; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 17:05:25 GMT
etag: "892160c6bcdb48ec4a3b5a80842f93f8"
last-modified: Fri, 23 Sep 2022 16:28:04 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: f1abc016-ddba-4c93-8f1b-33b14d67d4c0
x-served-by: cache-mel11235-MEL

GET
H2 200 payment-request-inner-google-pay-5d1a9c57339a1507757b454349e146d3.html Show response
js.stripe.com/v3/ Frame 1740 380 B
930 B 85ms
85ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-google-pay-5d1a9c57339a1507757b454349e146d3.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

89a2c11109b088d0a1a5ec2dd0617966800807ee37422808450e24c73bc56363

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1399
cache-control: max-age=31536000
content-encoding: br
content-length: 173
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'none'; form-action 'none'; frame-src https://pay.google.com; img-src https://q.stripe.com https://www.gstatic.com; script-src 'self' https://pay.google.com; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 17:05:25 GMT
etag: "5d1a9c57339a1507757b454349e146d3"
last-modified: Fri, 23 Sep 2022 16:28:15 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 2
x-content-type-options: nosniff
x-request-id: caec86e2-2723-46a1-8c93-7d0829cf4b55
x-served-by: cache-mel11235-MEL

GET
H2 200 payment-request-inner-browser-20b77a278eb2028cd229ab03df928a3f.html Show response
js.stripe.com/v3/ Frame 00E9 316 B
918 B 86ms
85ms Document
text/html 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/payment-request-inner-browser-20b77a278eb2028cd229ab03df928a3f.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

807e175766c2c674c6b890c69ae198694556bc155ada2e747a01aa92af772adb

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 22
cache-control: max-age=60
content-encoding: br
content-length: 149
content-security-policy: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://api.stripe.com https://errors.stripe.com https://r.stripe.com https://google.com/pay https://pay.google.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src 'self'; img-src 'self' https://q.stripe.com https://www.gstatic.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 17:05:25 GMT
etag: "20b77a278eb2028cd229ab03df928a3f"
last-modified: Fri, 23 Sep 2022 16:28:15 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 1
x-content-type-options: nosniff
x-request-id: 41ef3112-0cbd-428c-b374-42ef667c0617
x-served-by: cache-mel11235-MEL

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ Frame F9AA 21 KB
7 KB 532ms
181ms Stylesheet
text/css 142.251.12.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f138.1e100.net

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 16:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 17:12:12 GMT

GET
H2 200 runtime~main.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.4/ Frame F9AA 4 KB
2 KB 383ms
380ms Script
text/javascript 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/runtime~main.js?e71e2113307426c39966

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

2e2a5225787112ba7932be82a31c6d8cba4339c226cda044be0373e7a1d7000e

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:25 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 05:12:00 GMT
x-amz-cf-pop: SIN5-C1
etag: "06d896fe73b54392f0fc726679269888"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
strict-transport-security: max-age=600
accept-ranges: bytes
content-length: 1881
x-amz-cf-id: TLZgU3aq1CkCvpkUtsyq8r65LU7In5a-JTaH1fbqFdgwK3QUBUnBxQ==

GET
H2 200 33.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.4/ Frame F9AA 220 KB
71 KB 413ms
411ms Script
text/javascript 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/33.js?e71e2113307426c39966

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

2b18e69e2b26bba597286ca0bff7398a9fcb561b84692e2a972994d597cd03d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:25 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 05:12:00 GMT
x-amz-cf-pop: SIN5-C1
etag: "732cb39b24b559496fcb824924968daf"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=1
strict-transport-security: max-age=600
accept-ranges: bytes
content-length: 72477
x-amz-cf-id: yBYW-8wk6SQ1XP8b0OIsUs0nr9oQLpnYsOCnRc0Ez9z8RJPBVqINmg==

GET
H2 200 920.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.4/ Frame F9AA 205 KB
40 KB 519ms
517ms Script
text/javascript 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/920.js?e71e2113307426c39966

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

68a0b6e695a46086618ec63ed124264f0f6d7ec9b668eea2ed4e8a583a95645e

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:25 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 05:12:00 GMT
x-amz-cf-pop: SIN2-C1
etag: "19a6f36c43f519c23caed45c51299737"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=295
strict-transport-security: max-age=600
accept-ranges: bytes
content-length: 40925
x-amz-cf-id: 2AmwyyB6p2IGb_Qs9Fg3sJeLJ-b_fehdMcFeJcManmVPjY5FdLEibA==

GET
H2 200 main.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.4/ Frame F9AA 12 KB
5 KB 557ms
555ms Script
text/javascript 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/main.js?e71e2113307426c39966

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

a99069d0051c484212a1c00a967f6c8ff9d36d82f5d814fd99ca58f8997c984e

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:25 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 05:12:00 GMT
x-amz-cf-pop: SIN5-C1
etag: "131a6a8dca39099dccf27053cdc5d4e3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=50
strict-transport-security: max-age=600
accept-ranges: bytes
content-length: 4640
x-amz-cf-id: f0P-YcPqjD6NGys_m40KqTAUEGDVnPfCLPbscTVIe2O4_xgpx-2SQQ==

POST
H/1.1 204
No Content events Show response
logx.optimizely.com/v1/ 0
373 B 290ms
290ms XHR
text/plain 54.82.104.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://logx.optimizely.com/v1/events
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/20352597942.js?ver=6.0.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.82.104.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-82-104-152.compute-1.amazonaws.com
Software: nginx/1.21.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 23 Sep 2022 17:05:25 GMT
Server: nginx/1.21.0
Content-Type: text/plain
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Access-Control-Expose-Headers: X-Results-Data-Source
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-Request-Id: e2f229e4-f5e3-4645-b6e2-671ac700fa4d

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 333ms
320ms Script
application/x-javascript 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16639527253730.4858943825698896
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 73a2e968573cdebeb06619be73e0eed1863d513e6ff521fe671d9379f4315eeb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:25 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 839
expires: Fri, 23 Sep 2022 17:05:25 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
905 B 329ms
318ms Script
application/x-javascript 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:25 GMT
cache-control: max-age=69612
server: AkamaiNetStorage
content-type: application/x-javascript
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 147 KB
45 KB 262ms
199ms Script
text/javascript 142.251.12.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/google-loader/extended-access.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f138.1e100.net

Software

sffe /

Resource Hash

ab7227f2ae21f2daf452863dfa171d2f5c902bf6f12deecd773ef6cb6e06d710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 16:35:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1789
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46294
x-xss-protection: 0
last-modified: Wed, 14 Sep 2022 20:41:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/javascript
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 17:25:36 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 2394 0
571 B 924ms
304ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 23 Sep 2022 17:05:26 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 2394 0
570 B 1228ms
610ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 23 Sep 2022 17:05:26 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame DF0F 0
570 B 1226ms
610ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 23 Sep 2022 17:05:26 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 107 KB
33 KB 333ms
332ms Script
application/x-javascript 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e70bd440c10e5906797794cb77fa09cede63306250588bce7ed75f466b41884d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:25 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "08fe99de660944ffd677aa09c2ad8154:1663643873.920173"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=53724
content-type: application/x-javascript
content-length: 33375

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
28 KB 535ms
179ms Script
text/javascript 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

sffe /

Resource Hash

1edfc18b553353ded6c3c93cb4ecc146d8237545c675ba362501b8cd0533634a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27803
x-xss-protection: 0
server: sffe
etag: "1342 / 640 of 1000 / last-modified: 1663931382"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Sep 2022 17:05:26 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 184 KB
63 KB 525ms
524ms Script
application/x-javascript 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 36e299f45673885e6b5d62d38c3b76d863aa2a0b511a2c1327359273380703a0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:25 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "9eb05ec342e2e8bb70ca106d47373e89:1663130616.359726"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=36022
content-type: application/x-javascript

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 25 KB
10 KB 660ms
659ms Script
application/x-javascript 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:25 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=52889
content-type: application/x-javascript
content-length: 9840

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 101 KB
27 KB 509ms
169ms Script
application/x-javascript 157.240.7.26
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-sin6.fbcdn.net

Software

Resource Hash

844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26839
x-xss-protection: 0
pragma: public
x-fb-debug: MENBUdKMXDEv0hm1FesnC/ESRs2LhuYXOMjKJKdsClJ2TUjImQcW7+t59ZiUyMEvzQOkJYOx+sHTj5pHAJetPg==
x-fb-trip-id: 548340344
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 17:05:26 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 538ms
196ms Script
text/javascript 18.155.68.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-45.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 17:03:55 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Mon, 21 Mar 2022 03:18:38 GMT
Server: AmazonS3
Age: 91
ETag: W/"cd21e4d44772e851dcd7105fef09c01e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 5f0e4b6c5dc81a6ef5ba5add70d69fb0.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: SIN52-P1
X-Amz-Cf-Id: IVFw0hDGHyKfZGWNLXn6uK8Yx1h8zehSpTjLG9baH-vmEQ4s6Ci6MQ==

GET
H2 200 nca_ipsos.js Show response
tags.news.com.au/prod/ipsos/ 30 KB
7 KB 483ms
481ms Script
application/x-javascript 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 21f20f84cde9b9bb5d03446360d1909696d9e346bd970e8306a3d0565a82fc82

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:26 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "f195a817810e0c6b1880a6e2edc2d073:1660712926.791363"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=53882
content-type: application/x-javascript
content-length: 7136

GET
H2 200 utag.502.js Show response
tags.tiqcdn.com/utag/newsltd/gea.sops/prod/ 2 KB
1 KB 202ms
202ms Script
application/x-javascript 104.71.48.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.502.js?utv=ut4.46.201909030147
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.48.190 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-48-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2892817176964f59ba93ecadac23067e3b8b7f2dccc243bba87cd206adf05a7c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:26 GMT
content-encoding: gzip
last-modified: Tue, 09 Apr 2019 04:39:41 GMT
server: AkamaiNetStorage
etag: "df2cf1da8e07b876cef87d062563a664:1554784781"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 902
expires: Sat, 08 Oct 2022 17:05:26 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 1740 0
570 B 1216ms
607ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 23 Sep 2022 17:05:26 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 1740 0
570 B 1218ms
609ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 23 Sep 2022 17:05:26 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-2688237acbc5a4a88b2139712b2406c7.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 2394 526 B
422 B 85ms
85ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-2688237acbc5a4a88b2139712b2406c7.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-a450144f0729644038ea734c6a249a07.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/m-outer-a450144f0729644038ea734c6a249a07.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 2098
x-cache: HIT
content-length: 256
etag: "d96c709017743c0759cf3853d1806ba5"
x-request-id: 57f2491d-b0b1-4ad2-ac0e-d64c132e85b2
x-served-by: cache-mel11235-MEL
access-control-allow-origin: *
last-modified: Fri, 23 Sep 2022 16:28:14 GMT
server: Fastly
date: Fri, 23 Sep 2022 17:05:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 51

POST
H2 200 csp-report
q.stripe.com/ Frame 00E9 0
570 B 1213ms
607ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 23 Sep 2022 17:05:26 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 00E9 0
570 B 1214ms
608ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 23 Sep 2022 17:05:26 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 shared-274f63d2f70fe93bbbc5650622e3bb9f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DF0F 310 KB
71 KB 93ms
91ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-892160c6bcdb48ec4a3b5a80842f93f8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

16c04ef87b0e9fc4bc5f85f34aad3ea546b78f0521e00bf2318f81e7a6639a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/controller-892160c6bcdb48ec4a3b5a80842f93f8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 2099
x-cache: HIT
content-length: 72788
etag: "4566553a5b25e613c1143b7e532e5d04"
x-request-id: 5da9b72f-eec4-4195-8ff9-c686c2ca513b
x-served-by: cache-mel11235-MEL
access-control-allow-origin: *
last-modified: Fri, 23 Sep 2022 16:28:15 GMT
server: Fastly
date: Fri, 23 Sep 2022 17:05:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11

GET
H2 200 controller-bc4269eb8a528785785dc6053665ccec.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DF0F 364 KB
91 KB 93ms
91ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/controller-bc4269eb8a528785785dc6053665ccec.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/controller-892160c6bcdb48ec4a3b5a80842f93f8.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

272f43023f19753adcf790f4c25f9735c731d26adcb6efe98053522a68b9b930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/controller-892160c6bcdb48ec4a3b5a80842f93f8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 2098
x-cache: HIT
content-length: 93351
etag: "bf69c34a7973b3edd0ebd463d291ba23"
x-request-id: 9710e169-7251-4b65-99b0-6173f2aa3d9b
x-served-by: cache-mel11235-MEL
access-control-allow-origin: *
last-modified: Fri, 23 Sep 2022 16:28:13 GMT
server: Fastly
date: Fri, 23 Sep 2022 17:05:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 1740 102 KB
33 KB 598ms
255ms Script
application/javascript 142.250.4.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5d1a9c57339a1507757b454349e146d3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f92.1e100.net

Software

ESF /

Resource Hash

2f7fd72d7b53a6c582d8d7d139e813eeeacba5f8dadd49c7c677c5b8dc9d1ede

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OrbCGWcQNgva3bRCy3oQQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-OrbCGWcQNgva3bRCy3oQQA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
expires: Fri, 23 Sep 2022 17:05:25 GMT

GET
H2 200 shared-274f63d2f70fe93bbbc5650622e3bb9f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1740 310 KB
71 KB 104ms
103ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5d1a9c57339a1507757b454349e146d3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

16c04ef87b0e9fc4bc5f85f34aad3ea546b78f0521e00bf2318f81e7a6639a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-5d1a9c57339a1507757b454349e146d3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 2099
x-cache: HIT
content-length: 72788
etag: "4566553a5b25e613c1143b7e532e5d04"
x-request-id: d545566a-3e1e-444f-95a1-e66984ea2f81
x-served-by: cache-mel11235-MEL
access-control-allow-origin: *
last-modified: Fri, 23 Sep 2022 16:28:15 GMT
server: Fastly
date: Fri, 23 Sep 2022 17:05:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 12

GET
H2 200 payment-request-inner-google-pay-34f6a884a53c787129e59dd6c0c0346d.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 1740 14 KB
5 KB 194ms
193ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-google-pay-34f6a884a53c787129e59dd6c0c0346d.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-google-pay-5d1a9c57339a1507757b454349e146d3.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

024a435dcde1fb6677eb40f9dad2563e398d1b4725d423e9970e354c5de599ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-google-pay-5d1a9c57339a1507757b454349e146d3.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 1399
x-cache: HIT
content-length: 4766
etag: "78f5d77dc033cc5f76ec923bd3dcd824"
x-request-id: 7b6d2f87-83bb-4980-bd0d-2da5562cf25e
x-served-by: cache-mel11235-MEL
access-control-allow-origin: *
last-modified: Fri, 23 Sep 2022 16:28:14 GMT
server: Fastly
date: Fri, 23 Sep 2022 17:05:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 30

GET
H2 200 shared-274f63d2f70fe93bbbc5650622e3bb9f.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 00E9 310 KB
71 KB 195ms
193ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-20b77a278eb2028cd229ab03df928a3f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

16c04ef87b0e9fc4bc5f85f34aad3ea546b78f0521e00bf2318f81e7a6639a87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-20b77a278eb2028cd229ab03df928a3f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 2099
x-cache: HIT
content-length: 72788
etag: "4566553a5b25e613c1143b7e532e5d04"
x-request-id: e4aeb4c9-a626-4cea-acfd-34b6f44c16cc
x-served-by: cache-mel11235-MEL
access-control-allow-origin: *
last-modified: Fri, 23 Sep 2022 16:28:15 GMT
server: Fastly
date: Fri, 23 Sep 2022 17:05:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13

GET
H2 200 payment-request-inner-browser-83203833fe4ddd747674030c2435acbf.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 00E9 12 KB
4 KB 194ms
193ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/payment-request-inner-browser-83203833fe4ddd747674030c2435acbf.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/payment-request-inner-browser-20b77a278eb2028cd229ab03df928a3f.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

8c3392e876d4b5c778e0d0ae787502252e3353b59149063e1f6a1a85216cb9e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/payment-request-inner-browser-20b77a278eb2028cd229ab03df928a3f.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 1594
x-cache: HIT
content-length: 4424
etag: "13563263f55505d5822aae879d83b8c6"
x-request-id: 6a648f6b-ddbd-4dc6-9f8f-3cce302412eb
x-served-by: cache-mel11235-MEL
access-control-allow-origin: *
last-modified: Fri, 23 Sep 2022 16:28:14 GMT
server: Fastly
date: Fri, 23 Sep 2022 17:05:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 inner.html Show response
m.stripe.network/ Frame 1BA8 930 B
2 KB 641ms
212ms Document
text/html 13.224.250.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-2688237acbc5a4a88b2139712b2406c7.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.250.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-250-2.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 153
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 17:02:54 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 f524a7fd984e15aeceb1c8903b4e45c2.cloudfront.net (CloudFront)
x-amz-cf-id: uvwYsycXWdNb_EtHGnQfC3I2y4GnxE3tbsMBAVE7K-KYJ4beL6m_KA==
x-amz-cf-pop: SIN52-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff

GET
H2 200 1489-8b86da401d493fc7478fbafda5019691.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DF0F 231 KB
47 KB 86ms
86ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/1489-8b86da401d493fc7478fbafda5019691.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-bc4269eb8a528785785dc6053665ccec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/controller-892160c6bcdb48ec4a3b5a80842f93f8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 82276
x-cache: HIT
content-length: 47921
etag: "ab675b71d19378124fcdf3c0f6dad353"
x-request-id: 55f97663-cbd1-4428-a3a0-d010bb4af54e
x-served-by: cache-mel11235-MEL
access-control-allow-origin: *
last-modified: Fri, 09 Sep 2022 18:43:25 GMT
server: Fastly
date: Fri, 23 Sep 2022 17:05:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 9078

GET
H2 200 phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame DF0F 2 KB
931 B 88ms
88ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/phone-numbers-lib-a9439e8df0edd984b461e0e2c51c5227.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/controller-bc4269eb8a528785785dc6053665ccec.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://js.stripe.com/v3/controller-892160c6bcdb48ec4a3b5a80842f93f8.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 82289
x-cache: HIT
content-length: 770
etag: "f1717e2e478c68d16ccd7b37768700be"
x-request-id: 1783160e-5711-4bee-9c94-553101555eec
x-served-by: cache-mel11235-MEL
access-control-allow-origin: *
last-modified: Tue, 20 Sep 2022 13:38:31 GMT
server: Fastly
date: Fri, 23 Sep 2022 17:05:25 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 11430

GET
H2 200 .deploy_status_henson.json Show response
js.stripe.com/v3/ Frame DF0F 474 B
601 B 259ms
85ms Fetch
application/json 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/.deploy_status_henson.json

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

99cd1477bda31cad3ee6203eca933e2be94f4f65e4e21cab8847a99333f3c39c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://js.stripe.com/v3/controller-892160c6bcdb48ec4a3b5a80842f93f8.html
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 23 Sep 2022 17:05:25 GMT
content-encoding: br
vary: Accept-Encoding
age: 2
x-cache: HIT
content-length: 293
x-request-id: 5da3a4a9-4f17-4274-bc2f-3c89280ed37a
x-served-by: cache-mel11229-MEL
access-control-allow-origin: *
last-modified: Fri, 23 Sep 2022 16:44:30 GMT
server: Fastly
etag: "543e5e269ac420d6a2bc5005ce252d94"
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=8448983277026331092
dpm.demdex.net/ Frame 08C9
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8448983277026331092

42 B
942 B

388ms
175ms

Image
image/gif

3.1.114.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=8448983277026331092

Protocol

HTTP/1.1

Server

3.1.114.116 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-114-116.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v038-08d2cbcb2.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Dp6ORzTKQ0c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 17:05:26 GMT
X-Proxy-Origin: 103.209.254.113; 103.209.254.113; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: daaddb31-cd32-4419-969c-dcb26a57a269
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=8448983277026331092
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=8729284472680427041
dpm.demdex.net/ Frame 08C9
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://d3273622690172371738-t8729284472680427041.id.amgdgt.com/r/telco/tuid/8729284472680427041/duid/3273622690172371738/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D872928447268...
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8729284472680427041

42 B
942 B

173ms
173ms

Image
image/gif

3.1.114.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=8729284472680427041

Protocol

HTTP/1.1

Server

3.1.114.116 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-114-116.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v038-033eed0b4.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: DRLFQOMWQQ8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=8729284472680427041
Pragma: no-cache
Date: Fri, 23 Sep 2022 17:05:26 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Content-Length: 0
Strict-Transport-Security: max-age=15768000
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 SourceSansPro.css
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame F9AA 2 KB
2 KB 171ms
170ms Stylesheet
text/css 54.192.150.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-112.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 388d1df3fdfee665c3bc7d059e42500524e8f180febba13620847ec8b836fd33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: BU9pslV_1tk2oM9KNiljnrkOp3wYAVog
via: 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:42 GMT
server: AmazonS3
age: 52219
etag: "2a13a755f725cea2c202bc30af451d10"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
date: Fri, 23 Sep 2022 02:35:08 GMT
x-amz-cf-pop: SIN2-C1
accept-ranges: bytes
content-length: 2173
x-amz-cf-id: rRxF5wev9IkQub1A8d4A-jVX1y_JzuDzzuygC1g5Pn5172jK0tJqUQ==

GET
H2 200 Charter.css
subscriptions.news.com.au/media/fonts/Charter/ Frame F9AA 2 KB
2 KB 175ms
175ms Stylesheet
text/css 54.192.150.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-112.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccda4fea5d95b6e07fadfff761f20fd106531b7f780fe470aa565f4c365301d7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: 78tZPx9F6ldnoT3vI7OxzT3AZa.JXQqe
via: 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:10 GMT
server: AmazonS3
age: 63422
etag: "9d796e9621f8bd2ea24552819973cb20"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
date: Thu, 22 Sep 2022 23:28:24 GMT
x-amz-cf-pop: SIN2-C1
accept-ranges: bytes
content-length: 1635
x-amz-cf-id: Fa9cOBmXnuINGyO8vzqFPLh9Yko8unR_8ToVZeW3sIxkT00cZ8_cSQ==

GET
H2 200 env.json Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.4/config/ Frame F9AA 1 KB
1 KB 413ms
412ms XHR
application/json 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/config/env.json

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/33.js?e71e2113307426c39966

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

8ac972a09f7caaa1a2405c1ff7939e29b552d5f4f72c32886f32ce7df302344d

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

Accept: application/json, text/plain, */*
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:26 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 05:12:00 GMT
x-amz-cf-pop: SIN2-C1
etag: "8429c17b53e4b8346af9123c7d21ce16"
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=600
accept-ranges: bytes
content-length: 765
x-amz-cf-id: UXFBDhSk-f9wd_fNdiZj-CFkzy3CfHO-Xufb_-CrB-r67aFEa4JQgA==
expires: Fri, 23 Sep 2022 17:05:26 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 1218ms
604ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 1223ms
609ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 1221ms
608ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 1222ms
610ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:27 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
128 B 1215ms
603ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 1216ms
605ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 1214ms
604ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 1216ms
607ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 1216ms
607ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 1217ms
609ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 08C9 0
719 B 679ms
170ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=89173939531797161011850250924033298236&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEHlZ4eYyTKzhEY3PoKaLocI&google_cver=1
dpm.demdex.net/ Frame 08C9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODkxNzM5Mzk1MzE3OTcxNjEwMTE4NTAyNTA5MjQwMzMyOTgyMzY=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=ODkxNzM5Mzk1MzE3OTcxNjEwMTE4NTAyNTA5MjQwMzMyOTgyMzY=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHlZ4eYyTKzhEY3PoKaLocI&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

174ms
173ms

Image
image/gif

3.1.114.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHlZ4eYyTKzhEY3PoKaLocI&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

3.1.114.116 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-114-116.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v038-046b1385a.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: vnGeyyVXQbE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEHlZ4eYyTKzhEY3PoKaLocI&google_cver=1?gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 21 KB
6 KB 181ms
179ms Stylesheet
text/css 142.251.12.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f138.1e100.net

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 16:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 17:12:12 GMT

GET
H2 200 loader.svg
news.google.com/swg/js/v1/ 0
1 KB 181ms
180ms Other
image/svg+xml 142.251.12.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/loader.svg

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f138.1e100.net

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 16:44:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1271
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1049
x-xss-protection: 0
last-modified: Mon, 16 Mar 2020 18:14:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: image/svg+xml
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 17:34:15 GMT

GET
H2

200

serviceiframe Show response
news.google.com/swg/ui/v1/ Frame 8792
Redirect Chain

https://news.google.com/swg/_/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au
https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au

26 KB
8 KB

199ms
199ms

Document
text/html

142.251.12.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f138.1e100.net

Software

ESF /

Resource Hash

ba3a9f8793c57a357f1f6c5ca68d73059e6c3b0ee8974e7b06819afd077367b6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-mIJS0tvFqCqFdlWwB8LFow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-mIJS0tvFqCqFdlWwB8LFow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy: same-site
date: Fri, 23 Sep 2022 17:05:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

Redirect headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-Zv8_SKhiywueclNfOZg6vw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type: application/binary
cross-origin-opener-policy-report-only: unsafe-none; report-to="SubscribewithgoogleClientUi"
cross-origin-resource-policy: same-site
date: Fri, 23 Sep 2022 17:05:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
location: https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 entitlements Show response
news.google.com/swg/_/api/v1/publication/geelongadvertiser.com.au/ 2 B
364 B 212ms
210ms Fetch
application/json 142.251.12.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/api/v1/publication/geelongadvertiser.com.au/entitlements

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f138.1e100.net

Software

ESF /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: text/plain, application/json
Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
access-control-allow-origin: https://www.geelongadvertiser.com.au
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 1BA8 0
344 B 479ms
479ms Other
text/plain 54.187.159.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.187.159.182 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-187-159-182.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:26 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
x-content-type-options: nosniff
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame 1BA8 86 KB
14 KB 193ms
193ms Script
text/javascript 13.224.250.2
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.250.2 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-250-2.sin52.r.cloudfront.net

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
age: 200
date: Fri, 23 Sep 2022 17:02:07 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 f524a7fd984e15aeceb1c8903b4e45c2.cloudfront.net (CloudFront)
cache-control: max-age=300, public
x-amz-cf-pop: SIN52-C2
x-amz-cf-id: IhkuT-WR-aFX36iLphBUWL5QVFwfu-AydL6vhHTOFt0BnFLQdoubCg==
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5
dpm.demdex.net/ Frame 08C9
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.geelongadvertiser.com.au&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.geelongadvertiser.com.au&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5

42 B
948 B

327ms
173ms

Image
image/gif

3.1.114.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5

Protocol

HTTP/1.1

Server

3.1.114.116 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-114-116.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcscanary-prod-apse-1-v049-0425248eb.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: krnYkfAZRvE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:26 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 20EF 18 KB
8 KB 264ms
263ms Document
text/html 142.250.4.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f92.1e100.net

Software

ESF /

Resource Hash

347ee8135c8c05cd58a07015f7b73a103061a1d6a2d7b2991059eba32eb91f6f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-8qqhMqkTukabpF8gJ6NeBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-8qqhMqkTukabpF8gJ6NeBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 23 Sep 2022 17:05:26 GMT
expires: Fri, 23 Sep 2022 17:05:26 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 500 usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 08C9 0
0 980ms
352ms Image
text/html 104.83.196.208
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.208 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-208.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H2 200 rampart.js Show response
www.geelongadvertiser.com.au/remote/identity/rampart/latest/ Frame F9AA 277 KB
83 KB 377ms
376ms Script
application/x-javascript 104.83.196.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.geelongadvertiser.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/main.js?e71e2113307426c39966

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-83-196-116.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
vary: User-Agent, Accept-Encoding
x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
server: AkamaiNetStorage
etag: "b4a3b9b58bfcfee5da16aa61754376ea:1658294497.988769"
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://www.geelongadvertiser.com.au/csp-reports
content-type: application/x-javascript
cache-control: max-age=1777
date: Fri, 23 Sep 2022 17:05:26 GMT
is-https: true
x-opw: 4
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Fri, 23 Sep 2022 17:35:03 GMT

GET
H/1.1

200
OK

ibs:dpid=23728&dpuuid=Yy3nVphUhT5XhhjSESdSsQAA%264724
dpm.demdex.net/ Frame 08C9
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy3nVphUhT5XhhjSESdSsQAA%264724

42 B
942 B

173ms
173ms

Image
image/gif

3.1.114.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy3nVphUhT5XhhjSESdSsQAA%264724

Protocol

HTTP/1.1

Server

3.1.114.116 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-114-116.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v038-036f62fa7.edge-apse.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ALN5iegNRYg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CM0vzhCLtmTxHGY5yYXiaIUDnSLYq9DDkPdJpIazmabs0If5R7dekn97OdEvOGFKkgx7%2FgX09mizjoFDQkjAyu%2FRXSVwfMf7O7dW%2Bn5OZjXlwSh%2FXKVr26oGARoOe2Ta2JbbRsVY"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Yy3nVphUhT5XhhjSESdSsQAA%264724
cache-control: no-cache
cf-ray: 74f4dd7fab865a91-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 pubads_impl_2022092001.js Show response
securepubads.g.doubleclick.net/gpt/ 378 KB
128 KB 179ms
178ms Script
text/javascript 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

sffe /

Resource Hash

47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 11:04:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194463
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131075
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 08:35:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 21 Sep 2023 11:04:23 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 115 B
122 B 516ms
180ms XHR
application/json 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.geelongadvertiser.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

20f49f0db7532ac0db43a8e565d818845e15162ff2d73d0ef03b6d787dfb4430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 17:05:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97
x-xss-protection: 0
expires: Fri, 23 Sep 2022 17:05:26 GMT

POST
H2 200 6 Show response
m.stripe.com/ Frame 1BA8 156 B
523 B 1011ms
334ms XHR
application/json 54.148.34.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.34.38 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-34-38.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

97d903384eeb1e36a168f4840a2695b53d6934bf75defb1069dc4211764307e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 17:05:27 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 20EF 2 KB
2 KB 249ms
179ms Other
text/html 142.250.4.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.4.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sm-in-f92.1e100.net
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 23 Sep 2022 17:05:26 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrh... Frame 20EF 153 KB
55 KB 518ms
177ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhSjAcGN9qnNrlwAarCDGej431dFw/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fjs.stripe.com&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

37af54874d102f59838ab28c7294c8efd46b1b2f56fe981f3f354cae3a5484e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:43:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55157
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 03:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 19:43:35 GMT

GET
H/1.1

200
OK

ibs:dpid=30432&dpuuid=CI-8db65a0dca16c5f6ff9f8024ff46c3f6
dpm.demdex.net/ Frame 08C9
Redirect Chain

https://dt.scanscout.com/ssframework/uid?UIAA=89173939531797161011850250924033298236&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-8db65a0dca16c5f6ff9f8024ff46c3f6

42 B
942 B

173ms
173ms

Image
image/gif

3.1.114.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-8db65a0dca16c5f6ff9f8024ff46c3f6

Protocol

HTTP/1.1

Server

3.1.114.116 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-114-116.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-apse-2-v038-05e43c533.edge-apse.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: kki8PSx5SSs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-8db65a0dca16c5f6ff9f8024ff46c3f6
Date: Fri, 23 Sep 2022 17:05:27 GMT
useSecure: true
Server: openresty/1.19.9.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H3 204 cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame 8792 0
25 B 208ms
208ms Other
text/html 142.251.12.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f138.1e100.net

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-ZXJ-gXwjj07iDvQ2tFTP_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

strict-transport-security: max-age=31536000
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
date: Fri, 23 Sep 2022 17:05:26 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport, script-src 'report-sample' 'nonce-ZXJ-gXwjj07iDvQ2tFTP_Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 swg-button.css
news.google.com/swg/js/v1/ Frame 8792 21 KB
6 KB 178ms
178ms Stylesheet
text/css 142.251.12.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f138.1e100.net

Software

sffe /

Resource Hash

bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 16:22:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6457
x-xss-protection: 0
last-modified: Wed, 12 Jan 2022 22:09:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="news-frontend"
vary: Accept-Encoding
report-to: {"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type: text/css
cache-control: public, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 17:12:12 GMT

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTj... Frame 8792 170 KB
60 KB 742ms
450ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5e0uSw2OhIZ2Y8roDMM5GkyvZg0g/m=_b,_tp,_r

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

9aa4717548dfbefc2bab0e5b0240edcee4172bb02283c05cdcb49d35897110f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:42:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61208
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:50:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 19:42:45 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 174ms
174ms XHR
application/json 3.1.114.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=4.5.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=89195195664829714231848134108232064550&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=newsnkidcookie%01af14d75f5b9d18a1c3f8f3595ca39ffc%011&ts=1663952726576

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/visitor/adobe_visitor.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.1.114.116 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-114-116.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

b2b147d28d20803331bc8aeadf47a991a48666df569abc2aff53da953acb5361

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-apse-1-v038-0113f1027.edge-apse.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: NNKV8UD0TBo=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1568
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 69 KB
21 KB 852ms
288ms Script
application/javascript 42.99.140.160
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-160.pacnet.net
Software: AmazonS3 /
Resource Hash: 704de20959867ad7e42c0e25a807e6a87daab17c4e8755cdf36fa105f6a7400f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:27 GMT
content-encoding: gzip
last-modified: Mon, 05 Sep 2022 08:55:48 GMT
server: AmazonS3
x-amz-cf-pop: ATL58-P1
etag: W/"095a7b562e641bfc203fc3ef9697c6bc"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
content-length: 21384
x-amz-cf-id: Mg-PJrPZYvUFlAGyPVC9EWlvXHDkYYQUS1sjVFkZHnJNCU2RdwDlbg==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 203ms
203ms Script
application/x-javascript 104.71.48.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/gea.sops/202207211013&cb=1663952726585
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gea.sops/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.71.48.190 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-71-48-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:27 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Fri, 23 Sep 2022 17:15:27 GMT

GET
H2 200 P9639CC51-2F11-48E8-B888-393496680A12.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 531ms
176ms Script
application/javascript 13.224.250.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P9639CC51-2F11-48E8-B888-393496680A12.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-112.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c261147bf4256326fe74979596ca8fb13dae170d9b7586b1edbf7f0bb2fe9cf6

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: osiFhC4BsEukeAQaNcBwSQJMz_8TzyAj
content-encoding: gzip
etag: W/"b76e8b8476a48119b813a1c358420395"
last-modified: Fri, 23 Sep 2022 11:17:50 GMT
server: AmazonS3
age: 22
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 60a12bdf784c46a5874f83b517e37278.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Fri, 23 Sep 2022 17:05:05 GMT
x-amz-cf-pop: SIN52-C2
x-amz-cf-id: Tld4OZQ6paTSyGfPvvelv47UNgKu7z5_a68xEty6c3EBKPb6xj7GfQ==

GET
H2 200 door.js Show response
au-script.dotmetrics.net/ 9 KB
4 KB 621ms
266ms Script
application/javascript 54.192.150.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/door.js?id=13075
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-97.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: a5d684127143e647bff803e2f6070adafdfbcf4eb8c2a683146ca67dbcc184c8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:27 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: SIN2-C1
etag: "13075...214.2022092317"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 e1fec368f5b53b4a839d0400d00dede6.cloudfront.net (CloudFront)
cache-control: private
content-type: application/javascript
x-amz-cf-id: x4JCXHNUPzMwuiw3O3nwZ53B6Kg0lB7NLjBYBJPdlMV0C4v3e7mKgQ==

GET
H3 200 316290525736583 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 840ms
659ms Script
application/x-javascript 157.240.7.26
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/316290525736583?v=2.9.83&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.7.26 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-sin6.fbcdn.net

Software

Resource Hash

c853664140e6ba15f2e1e5800cf192893a81e742044e27df50fa3d5c4d357cd2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: ecg/xXR32lm8zTn1r61QztZ4jWnrwJQRcva2XyWwZOfrC+4LVWwdRbVg+fUZA0dxoxPV7mAOn2SSOjkDGDkjTw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 23 Sep 2022 17:05:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 08C9
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=89173939531797161011850250924033298236&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=89173939531797161011850250924033298236&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
960 B

171ms
170ms

Image
image/gif

3.1.114.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

HTTP/1.1

Server

3.1.114.116 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-114-116.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcs-prod-apse-1-v038-0de376178.edge-apse.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 303,104
X-TID: Lr7tjrlJQTY=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Fri, 23 Sep 2022 17:05:27 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 65 B
356 B 1280ms
322ms XHR
text/plain 104.83.196.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.200 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-200.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:27 GMT
server: AkamaiNetStorage
etag: "519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary: Origin, Origin, Origin
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
access-control-allow-origin: https://www.geelongadvertiser.com.au
cache-control: max-age=398
content-type: text/plain
content-length: 65

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 08C9
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=89173939531797161011850250924033298236
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=89173939531797161011850250924033298236

0
338 B

986ms
336ms

Image
text/plain

34.210.169.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=89173939531797161011850250924033298236
Protocol: H2
Server: 34.210.169.61 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-169-61.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:28 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1663952728
x-served-by: beacon-n015-pdx-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=89173939531797161011850250924033298236
date: Fri, 23 Sep 2022 17:05:27 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a006-ash-prod.krxd.net

POST
H2 200 s95106906274661 Show response
metrics.geelongadvertiser.com.au/b/ss/newscorpau-gaweb,newscorpau-global/10/JS-2.22.4/ 5 KB
5 KB 532ms
187ms XHR
application/x-javascript 63.140.48.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.geelongadvertiser.com.au/b/ss/newscorpau-gaweb,newscorpau-global/10/JS-2.22.4/s95106906274661

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.48.177 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

ea23e44dc65abbc96dc139c145b1402a4e49921975f38c20198c88942c7c2cb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-aam-tid: XYFxAnspSsk=
date: Fri, 23 Sep 2022 17:05:27 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
vary: *
content-length: 4910
x-xss-protection: 1; mode=block
dcs: dcs-prod-apse-1-v038-02be22c1f.edge-apse.demdex.com 10 ms
pragma: no-cache
last-modified: Sat, 24 Sep 2022 17:05:27 GMT
server: jag
etag: 3573311272914452480-4619878432201199394
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.geelongadvertiser.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Thu, 22 Sep 2022 17:05:27 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 8792 15 KB
16 KB 525ms
180ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=462209&publicationId=geelongadvertiser.com.au

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
Origin: https://news.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 13:24:20 GMT
x-content-type-options: nosniff
age: 99667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 13:24:20 GMT

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame 08C9
Redirect Chain

https://tags.bluekai.com/site/43981?id=89173939531797161011850250924033298236&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

42 B
966 B

170ms
170ms

Image
image/gif

3.1.114.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Protocol

HTTP/1.1

Server

3.1.114.116 Singapore, Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-1-114-116.ap-southeast-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

DCS: dcscanary-prod-apse-1-v049-0425248eb.edge-apse.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 303,104
X-TID: nFNR7/bFQqA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date: Fri, 23 Sep 2022 17:05:27 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 08C9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXkzblZRQUFBRThBN2dONw==

170 B
188 B

185ms
182ms

Image
image/png

142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXkzblZRQUFBRThBN2dONw==

Protocol

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663952727.402102,VS0,VE0
x-served-by: cache-mel11250-MEL
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXkzblZRQUFBRThBN2dONw==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 messages Show response
dsf.newscorpaustralia.com/dailytelegraph/wp-json/dsf-api/ Frame F9AA 6 KB
2 KB 95ms
95ms XHR
application/json 192.0.66.58
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://dsf.newscorpaustralia.com/dailytelegraph/wp-json/dsf-api/messages

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/33.js?e71e2113307426c39966

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.58 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

56bc687b2a58d0145a7ab051dba9a1c8d64ff4bc048122726ed0960686e6d2e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://subscriptions.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22
x-cache: hit
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
content-length: 1418
x-rq: syd1 0 2 9980
allow: GET
server: nginx
vary: Accept-Encoding, Origin
access-control-allow-methods: OPTIONS, GET, POST, PUT, PATCH, DELETE
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://subscriptions.geelongadvertiser.com.au
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=60
access-control-allow-credentials: true
accept-ranges: bytes
x-robots-tag: noindex
link: <https://dsf.newscorpaustralia.com/dailytelegraph/wp-json/>; rel="https://api.w.org/"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 08C9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yy3nVQAAAE8A7gN7&expires=90

42 B
798 B

681ms
169ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yy3nVQAAAE8A7gN7&expires=90
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: beb52df1a5a4b2f2cb3f37642c514298
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663952727.402087,VS0,VE0
x-served-by: cache-mel11250-MEL
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Yy3nVQAAAE8A7gN7&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
792 B 527ms
183ms Script
application/javascript 74.125.200.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.geelongadvertiser.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 17:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 525ms
182ms Script
application/javascript 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.geelongadvertiser.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 17:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
729 B 220ms
219ms XHR
text/plain 172.217.194.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=128015115515468&correlator=718881396578909&hxva=1&scor=261528993752475&eid=31068458%2C31068929%2C31069792&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=5129&enc_prev_ius=%2F0%2F&prev_iu_szs=1x1&ifi=1&adks=14334197&sfv=1-0-38&ists=1&fsapi=false&prev_scp=pos%3D1&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26nk%3Daf14d75f5b9d18a1c3f8f3595ca39ffc%26sec1%3Dsops%26sec2%3Dsubscription%26sec3%3Dcustomerdetails%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dbreach%252Cshopfront%26adl%3Dfalse%26snol%3Dd%252Ce%252Cg%252Ch%252Ca%252Cb%252Cc%26abtest%3Da%26pvid%3Daf14d75f5b9d18a1c3f8f3595ca39ffc-00000000000000000000000000000000-1663952725961-594326&sc=1&cookie_enabled=1&abxe=1&dt=1663952727097&lmt=1663952727&dlt=1663952720772&idt=6197&adxs=0&adys=3033&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&frm=20&vis=1&psz=1600x3033&msz=1600x0&fws=4&ohw=1600&ga_vid=2139562038.1663952727&ga_sid=1663952727&ga_hid=848443476&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.194.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

si-in-f156.1e100.net

Software

cafe /

Resource Hash

e2a8f1b05098bc31a30434c2044e85d66ba0fd5fe17ad7be5df9ba4fd5682a0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 698
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.geelongadvertiser.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 531ms
188ms XHR
application/json 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

cafe /

Resource Hash

832b084b3f2c371fd3f3f020bab83288b85c14c1185cc2ebed72bf5eb16af415

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 23 Sep 2022 17:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11140
x-xss-protection: 0

GET
H2 200 container.html Show response
c1e793a1500f6f593bf682a40481b742.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2ABD 6 KB
4 KB 522ms
179ms Document
text/html 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c1e793a1500f6f593bf682a40481b742.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 17:05:27 GMT
expires: Sat, 23 Sep 2023 17:05:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame 07F9 2 KB
3 KB 616ms
615ms Document
text/html 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=O4L1VeAatkTgDxyODmLAS4ZB6NUgoO6k&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fsubscriptions.geelongadvertiser.com.au%2Fremote%2Fidentity%2Fauth%2Flatest%2Flogin%2Fcallback.html&state=jJgzc42HNTzrEXT382C5c_uaXbttkJ3K&nonce=l8KAS5iC0ZLg0.CmFU3.gH7BfM.SNg7T&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xOS4wIn0%3D

Requested by

Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

ab9d0b7a028073459133d9cebc6bfdf5e7da7b3e436a04f338f7bb49f1155aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscriptions.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 74f4dd81282c13d2-JHB
content-encoding: gzip
content-length: 811
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type: text/html;charset=UTF-8
date: Fri, 23 Sep 2022 17:05:27 GMT
expires: Fri, 23 Sep 2022 17:05:27 GMT
ot-baggage-auth0-request-id: 74f4dd81282c13d2
ot-tracer-sampled: true
ot-tracer-spanid: 1e57fc3a01800633
ot-tracer-traceid: 040ac8e90773fc98
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-1e57fc3a01800633-0000000000000000040ac8e90773fc98-01
tracestate: auth0-request-id=74f4dd81282c13d2,auth0=true
vary: Accept-Encoding
x-akamai-transformed: 9 544 0 pmb=mTOE,3
x-auth0-requestid: 8e52eb9f745cd369d156
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 998
x-ratelimit-reset: 1663952728

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 08C9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy3nVQAAAE8A7gN7

43 B
882 B

551ms
355ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy3nVQAAAE8A7gN7
Protocol: H2
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f4dd840ddfdf30-MEL
pragma: no-cache
date: Fri, 23 Sep 2022 17:05:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHcBdbUL58KOlOsZ7J%2BSPsyoPCtVw1nUdXkYzMoiyngnvgx6WxH1rjHgtQazaBDD1enQAqUc2GchPkULacfyZN9NTGNlIYDiJKmm3cLhZHXbMklQpCpmAWLAO8yFXNmAK6tGJwyd%2Fs%2BEtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663952727.402068,VS0,VE0
x-served-by: cache-mel11250-MEL
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Yy3nVQAAAE8A7gN7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 08C9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Yy3nVQAAAE8A7gN7

43 B
1 KB

239ms
236ms

Image
image/gif

104.254.151.69
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=Yy3nVQAAAE8A7gN7

Protocol

HTTP/1.1

Server

104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 17:05:27 GMT
X-Proxy-Origin: 103.209.254.113; 103.209.254.113; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bc79b52a-3ec9-4526-943a-798e8719b065
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663952727.402051,VS0,VE0
x-served-by: cache-mel11250-MEL
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=Yy3nVQAAAE8A7gN7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5y... Frame 20EF 78 KB
28 KB 478ms
177ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5yGE8yrZ4Q.L.B1.O/am=BoA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhvU2HA5kFVp7T1qT0c9KJ-N0Wwuw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhSjAcGN9qnNrlwAarCDGej431dFw/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

551c71f7ac1cd64bcaae0fdad7d5991e712e010f9fd2cad47af5df4c652b4bab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29014
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 02:26:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 19:43:36 GMT

GET
H3

200

sd
us-u.openx.net/w/1.0/ Frame 08C9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Yy3nVQAAAE8A7gN7
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Yy3nVQAAAE8A7gN7

43 B
61 B

259ms
170ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Yy3nVQAAAE8A7gN7
Protocol: H3
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:28 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=Yy3nVQAAAE8A7gN7
date: Fri, 23 Sep 2022 17:05:27 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 08C9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nVQAAAE8A7gN7

1 B
450 B

511ms
169ms

Image
text/html

67.199.150.86
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nVQAAAE8A7gN7
Protocol: H2
Server: 67.199.150.86 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:27 GMT
cache-control: no-store, no-cache, private
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663952728.500508,VS0,VE0
x-served-by: cache-mel11250-MEL
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Yy3nVQAAAE8A7gN7
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3 200 m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L... Frame 8792 133 KB
45 KB 355ms
181ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L.B1.O/am=ZgAg/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI45919gsfY2CTOng4wqKN9Dbmkk0A/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,xUdipf,OTA3Ae,COQbmf,ws9Tlc,fKUV3e,aurFic,U0aPgd,LEikZe,NwH0H,OmgaI,gychg,EEDORb,Mlhmy,ZfAoz,kWgXee,ovKuLd,yDVVkb,KG2eXe,DsXBRb,zG9H6c,DfBslb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/am=ZgAg/d=1/excm=_b,_r,_tp,serviceiframeview/ed=1/dg=0/wt=2/rs=ABXTjI5e0uSw2OhIZ2Y8roDMM5GkyvZg0g/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

7ef92b289510806c5cb30ffb6afc031d276874b28e33f8afa1eba7dbfcc68ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 20:15:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45812
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:50:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 20:15:36 GMT

GET
H2 200 6630 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/ 18 KB
2 KB 1122ms
558ms XHR
application/octet-stream 42.99.140.160
ASN-TELSTRA-GLOBA...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/0/6630
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 42.99.140.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS: ip-42-99-140-160.pacnet.net
Software: AmazonS3 /
Resource Hash: 289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: W_yTpbzpqY89CZHjDkmLnffsRbstOxY.
content-encoding: gzip
last-modified: Mon, 12 Sep 2022 05:38:14 GMT
server: AmazonS3
x-amz-cf-pop: ATL58-P4
etag: "189bff3ecbc5fc21ff53bd3b46f8ee8b"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=81
date: Fri, 23 Sep 2022 17:05:28 GMT
accept-ranges: bytes
content-length: 1284
x-amz-cf-id: 17OsOtIjsmEXrPJkCcxBX8o6mHpHJQqkCcdA_43J0MjKs99GynPC8Q==

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 08C9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nVQAAAE8A7gN7&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nVQAAAE8A7gN7&img=1&__user_check__=1&sync_id=ec6d014b-3b61-11ed-85a1-17819dd40207

43 B
548 B

172ms
171ms

Image
image/gif

103.71.26.125
SPOTX-AS-AP SpotX...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Yy3nVQAAAE8A7gN7&img=1&__user_check__=1&sync_id=ec6d014b-3b61-11ed-85a1-17819dd40207
Protocol: HTTP/1.1
Server: 103.71.26.125 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 17:05:28 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 48
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 23 Sep 2022 17:05:28 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=Yy3nVQAAAE8A7gN7&img=1&__user_check__=1&sync_id=ec6d014b-3b61-11ed-85a1-17819dd40207
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 5
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 08C9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy3nVQAAAE8A7gN7&t=2592000&o=0

43 B
576 B

730ms
385ms

Image
image/gif

157.240.7.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy3nVQAAAE8A7gN7&t=2592000&o=0

Protocol

Server

157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin6.facebook.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 10:05:28 PDT
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: ztQ+2ybtkJOnS0tDVj31I8ruyxVPifowsMG8v0s7fP8MEyxNt3/iiwokimMPUmtrd4yK59lARQzjLKTQHU+L0A==
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
priority: u=3,i
expires: Fri, 23 Sep 2022 10:05:28 PDT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:27 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1663952728.703434,VS0,VE0
x-served-by: cache-mel11250-MEL
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Yy3nVQAAAE8A7gN7&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 179ms
179ms Script
text/javascript 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js?cb=31069792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 23 Sep 2022 17:05:27 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 195 KB
55 KB 198ms
198ms Script
application/javascript 13.224.250.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P9639CC51-2F11-48E8-B888-393496680A12.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-112.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: DrLErfhsYc9Oxds2t7Wz_kyLr0yC.GSp
content-encoding: gzip
etag: W/"81a9e2a298d0019660cb2966f0c24748"
age: 2254
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
date: Fri, 23 Sep 2022 16:27:54 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 60a12bdf784c46a5874f83b517e37278.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: SIN52-C2
x-amz-cf-id: tRFsxjvamn639rQVMR2suXSBfJkudzF9RgB7sZ7J061ZLY0leyWSvQ==

POST
H2 403 csp-reports
login.newscorpaustralia.com/ Frame F9AA 0
0 371ms
370ms Other
text/html 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/csp-reports
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-136-8.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subscriptions.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/csp-report

Response headers

GET 2970e277
login.newscorpaustralia.com/akam/13/ Frame 07F9 0
0

GET 1McDhLIVMB
login.newscorpaustralia.com/aXHkEKIDVd/_e/DE4odUOX/EbiOVQGS/RV89Lg/dl/ Frame 07F9 0
0

GET
H2 200 435.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.4/ Frame F9AA 27 KB
9 KB 507ms
504ms Script
text/javascript 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/435.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/runtime~main.js?e71e2113307426c39966

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

176a4d7346001286ad894be3cc341bd466f932e48f947c14deddd5ce422ac519

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:27 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 05:12:00 GMT
x-amz-cf-pop: SIN5-C1
etag: "d06060475925fd26eebf19d729f1fcd0"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=30
strict-transport-security: max-age=600
accept-ranges: bytes
content-length: 8641
x-amz-cf-id: 0DozL2B_LZTyh6r-nxw3MchBseVUNw771e59NgX1xJbD4RyO99ofvA==

GET
H2 200 32.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.4/ Frame F9AA 8 KB
3 KB 483ms
482ms Script
text/javascript 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/32.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/runtime~main.js?e71e2113307426c39966

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

29bb14d12ff9ab767375aee6f4fc6c8e9462639edda07da757e5868fcc32430d

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:27 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 05:12:00 GMT
x-amz-cf-pop: SIN2-C1
etag: "9ead2a315ad98a09f39a58c6c17a3f72"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=59
strict-transport-security: max-age=600
accept-ranges: bytes
content-length: 2542
x-amz-cf-id: 4J-wCd9BLUm3So80EBUs1gKCFe64I3_EsNL0K3maMLPKxreLEKBe2w==

GET
H2 200 598.async.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.4/ Frame F9AA 17 KB
6 KB 479ms
478ms Script
text/javascript 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/598.async.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/runtime~main.js?e71e2113307426c39966

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

fe73f1fd4b06562be19aaeccf8ffeb47aa50dbc383d2e7e0a103ece055aea89c

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:27 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 05:12:00 GMT
x-amz-cf-pop: SIN5-C1
etag: "86af291d0ca4e8daceea8070aa8d16e3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=49
strict-transport-security: max-age=600
accept-ranges: bytes
content-length: 5553
x-amz-cf-id: HmYOqfa2X5HvrqtErYrAFw1_CD76Wxs1l7sKTA15xW3y-NZH2ZIkwA==

GET
H2 200 357.async.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.4/ Frame F9AA 25 KB
9 KB 480ms
479ms Script
text/javascript 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/357.async.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/runtime~main.js?e71e2113307426c39966

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

dfad6d1cecf7337dcd922f1fab22a655d9e28aedddebb6d8ef5c07c8c277009b

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:27 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 05:12:00 GMT
x-amz-cf-pop: SIN5-C1
etag: "6849ace129baf5312aeedd2b943cf3b7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=16
strict-transport-security: max-age=600
accept-ranges: bytes
content-length: 8500
x-amz-cf-id: NtL52nvV0Kh8Zn0NNrsyyX3aDW7PD1XP9YPeqM8lrmfFkY8MHNilsw==

GET
H2 200 595.async.js Show response
subscriptions.geelongadvertiser.com.au/caas/1.10.4/ Frame F9AA 126 KB
49 KB 479ms
478ms Script
text/javascript 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/595.async.js

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/runtime~main.js?e71e2113307426c39966

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

14ec3652d79b8821f210025646a6ced247974b7dd2c5c343c3ef2872ccfd6013

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:27 GMT
content-encoding: gzip
last-modified: Tue, 30 Aug 2022 05:12:00 GMT
x-amz-cf-pop: SIN5-C1
etag: "4cf7801c8f7e08a30a91533a0308ec10"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=29
strict-transport-security: max-age=600
accept-ranges: bytes
content-length: 49395
x-amz-cf-id: 28f7-twP9GDChOCE4heDmUEIpguPab6GmLpEFUdADkXkgponJqnVqw==

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame 08C9 43 B
369 B 352ms
179ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-vcl-time-ms: 94
pragma: no-cache
date: Fri, 23 Sep 2022 17:05:28 GMT
via: 1.1 varnish
server: nginx
x-timer: S1663952728.980834,VS0,VE94
x-served-by: cache-mel11250-MEL
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 hit.gif
au-script.dotmetrics.net/ 43 B
1 KB 452ms
451ms Image
image/gif 54.192.150.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-script.dotmetrics.net/hit.gif?id=13075&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&dom=www.geelongadvertiser.com.au&r=1663952727797&pvs=1&pvid=218998b3-6763-4e2b-a6d9-34dc9d809264&c=true&tzOffset=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-97.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:28 GMT
dotmetrics-hit-status: 01 OK
server: Kestrel
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 e1fec368f5b53b4a839d0400d00dede6.cloudfront.net (CloudFront)
cache-control: no-cache
content-type: image/gif
x-amz-cf-id: zPVXX3fu6BvscA4loNGvY8UFxDD2Njl9nCRO1beqpZUbhhK4PHbAtw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 20EF 49 KB
20 KB 520ms
180ms Script
text/javascript 142.251.12.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5yGE8yrZ4Q.L.B1.O/am=BoA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhvU2HA5kFVp7T1qT0c9KJ-N0Wwuw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=IZT63,ws9Tlc,p8L0ob,vfuNJf,PrPYRd,Ru0Pgb,hc6Ubd,ZyYHPb,Das5Le

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f100.1e100.net

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 6625
date: Fri, 23 Sep 2022 15:15:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Fri, 23 Sep 2022 17:15:03 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 20EF 1 MB
353 KB 514ms
514ms XHR
text/html 142.250.4.92
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhSjAcGN9qnNrlwAarCDGej431dFw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.92 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f92.1e100.net

Software

ESF /

Resource Hash

0a321171fcfb6e24148bc777ab4cb5f9bc5b72ce93f5e64c8f35c75c0024ee7a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vkRPGNtqKwaYcDoQgj0DVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge
server: ESF
cross-origin-opener-policy: unsafe-none
date: Fri, 23 Sep 2022 17:05:28 GMT
x-frame-options: DENY
content-type: text/html; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: script-src 'report-sample' 'nonce-vkRPGNtqKwaYcDoQgj0DVA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
expires: Fri, 23 Sep 2022 17:05:28 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1F12 13 KB
5 KB 478ms
177ms Document
text/html 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f132.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 223531
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 02:59:57 GMT
expires: Thu, 21 Sep 2023 02:59:57 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 324E 783 B
1 KB 526ms
185ms Document
text/html 142.251.10.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f104.1e100.net

Software

GSE /

Resource Hash

c0c133d23ff7782ac7c5b249076893ac92867f52121773ccb31894098cc57d92

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-cV4-WlmyiZGEAVZcwvUp5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-cV4-WlmyiZGEAVZcwvUp5g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 17:05:28 GMT
expires: Fri, 23 Sep 2022 17:05:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 204 0
sync.1rx.io/usersync/adobe/ Frame 08C9 0
99 B 537ms
178ms Image
text/plain 74.118.186.44
RHYTHMONE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.118.186.44 Serangoon, Singapore, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:28 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2 200 script.js Show response
au-script.dotmetrics.net/Scripts/ 79 KB
33 KB 267ms
265ms Script
application/javascript 54.192.150.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/Scripts/script.js?v=214
Requested by: Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13075
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-97.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: b07f5a1999429f79826a2454193403d52131db0eab4dfbd79a38b8d980808ed3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:28 GMT
content-encoding: br
last-modified: Mon, 05 Sep 2022 12:02:11 GMT
server: Kestrel
x-amz-cf-pop: SIN2-C1
etag: "1d8c11f544f5886"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
via: 1.1 e1fec368f5b53b4a839d0400d00dede6.cloudfront.net (CloudFront)
accept-ranges: bytes
x-amz-cf-id: 78reLX5zSETCoUkjr3I88oE8QSEAPw0WVE07SEznxxVYQdXJ9XH2xw==

OPTIONS
H/1.1 200
OK tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 0
0 394ms
100ms Preflight 13.210.135.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.135.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-135-68.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geelongadvertiser.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Access-Control-Max-Age: 600
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 23 Sep 2022 17:05:28 GMT
Server: nginx

POST
H/1.1 200
OK tp2 Show response
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 2 B
565 B 389ms
99ms XHR
text/plain 13.210.135.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.135.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-135-68.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Fri, 23 Sep 2022 17:05:28 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 2

GET
H/1.1 200
OK cookie.html Show response
ncg.tags.news.com.au/prod/ncg/ Frame 2233 12 KB
4 KB 510ms
169ms Document
text/html 18.155.68.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ncg.tags.news.com.au/prod/ncg/cookie.html
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.155.68.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-155-68-87.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Age: 2679
Cache-Control: max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Fri, 23 Sep 2022 16:20:50 GMT
ETag: W/"748ca6666533691c2a9fad2f102bc379"
Last-Modified: Mon, 21 Mar 2022 03:18:39 GMT
Server: AmazonS3
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 7N2psEnQYP2oIIQxx8gO6-SMN2Z0pwo2GcblRDJ0I6nQheGFObYkvw==
X-Amz-Cf-Pop: SIN52-P1
X-Cache: Hit from cloudfront

GET
H2 200 lookuplist Show response
au.audience.newscgp.com/ 108 B
480 B 621ms
276ms XHR
application/json 13.224.250.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.audience.newscgp.com/lookuplist?device_id_type=newskey&device_id=af14d75f5b9d18a1c3f8f3595ca39ffc&&bust=16639527279700.345769369257257&errors-in-body=1
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-29.sin52.r.cloudfront.net
Software: nginx /
Resource Hash: b7e9fa1a862f8d102151ea915efdb826875e8be0005856daedf415ffe6b2bbd5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:28 GMT
via: 1.1 08a12acbdd73ab65ad077921a50970da.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: SIN52-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.geelongadvertiser.com.au
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 108
x-amz-cf-id: o5w0rcK9cUKD5pQ82Q2OXyZae_P803lIUdoCwLkBLUDEcQWtNGWOPw==

GET
H3 200 m=bm51tf Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L... Frame 8792 1 KB
712 B 181ms
181ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L.B1.O/am=ZgAg/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI45919gsfY2CTOng4wqKN9Dbmkk0A/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=bm51tf

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

736c2d3c83596bc17524d1a9bce892412356d62d1cf2093c3346c6a89172ed94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 20:15:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 686
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:50:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 20:15:36 GMT

POST
H3 200 batchexecute Show response
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame 8792 633 B
464 B 197ms
197ms XHR
application/json 142.251.12.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=-1123847314395048790&bl=boq_subscribewithgoogleclientserver_20220921.07_p0&hl=en-US&soc-app=673&soc-platform=1&soc-device=1&_reqid=61529&rt=c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f138.1e100.net

Software

ESF /

Resource Hash

c3efea0e4aff2cd8ccdcf7cc364c7ec0348b35d540dc95ad51b3aa6d50297635

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-Same-Domain: 1
Referer: https://news.google.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 17:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
content-disposition: attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"SubscribewithgoogleClientUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/SubscribewithgoogleClientUi/external"}]}
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
content-security-policy: require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="SubscribewithgoogleClientUi"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 277F 12 KB
4 KB 173ms
173ms Document
text/html 13.224.250.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-112.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 2264
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Fri, 23 Sep 2022 16:27:45 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Mon, 02 May 2022 13:40:06 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 60a12bdf784c46a5874f83b517e37278.cloudfront.net (CloudFront)
x-amz-cf-id: QgRYvWOXjLrbL2zp3Z2fnW9MgncrUC7-50n7JcZRtVTZqRI4lKW-wQ==
x-amz-cf-pop: SIN52-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: pCvO2RaXRfPysrOm9wpmYmW2HbKONfJo
x-cache: Hit from cloudfront

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L... Frame 8792 17 KB
7 KB 181ms
181ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.en_US.Brr3N8F7TBg.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.bCEywqXgRB4.L.B1.O/am=ZgAg/d=1/exm=COQbmf,DfBslb,DsXBRb,EEDORb,KG2eXe,LEikZe,Mlhmy,NwH0H,OTA3Ae,OmgaI,U0aPgd,ZfAoz,_b,_r,_tp,aurFic,bm51tf,byfTOb,fKUV3e,gychg,kWgXee,lsjVmc,ovKuLd,ws9Tlc,xUdipf,yDVVkb,zG9H6c/excm=_b,_r,_tp,serviceiframeview/ed=1/wt=2/rs=ABXTjI45919gsfY2CTOng4wqKN9Dbmkk0A/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;iFQyKf:vfuNJf;dIoSBb:SpsfSb;EmZ2Bf:zr1jrb;zxnPse:GkRiKb;NSEoX:lazG7b;nAFL3:NTMZac;oGtAuc:sOXFj;eBAeSb:zbML3c;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;NPKaK:SdcwHb;pXdRYb:MdUzUe;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

fee943a9dad82106a8ac253ed19352785e2db488595759bfb36e8951bc300dd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 20:15:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7230
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 00:50:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 20:15:36 GMT

POST
H2 200 log Show response
play.google.com/ Frame 8792 131 B
196 B 561ms
260ms XHR
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 17:05:29 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 574ms
227ms Preflight
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 23 Sep 2022 17:05:28 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 8792 131 B
196 B 552ms
251ms XHR
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 17:05:29 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 578ms
232ms Preflight
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 23 Sep 2022 17:05:28 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 8792 131 B
196 B 565ms
264ms XHR
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://news.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 17:05:29 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 571ms
226ms Preflight
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://news.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://news.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 23 Sep 2022 17:05:28 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 277F 44 B
721 B 559ms
172ms Image
image/gif 18.139.197.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P9639CC51-2F11-48E8-B888-393496680A12&sessionId=irf9txootzmfmmafcw6jhsra4faf01663952728&c16=sdkv,bj.6.0.0&uoo=&fp_id=2znwnpxtybz1xgconh2c0l4gbcx6k1663952728&fp_cr_tm=1663952728086&fp_acc_tm=1663952728086&fp_emm_tm=1663952728086&ve_id=&c30=bldv,6.0.0.623&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.197.60 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-197-60.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:28 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
irf9txootzmfmmafcw6jhsra4faf01663952728.nuid.imrworldwide.com/ Frame 277F 35 B
352 B 629ms
171ms Image
image/gif 13.224.250.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://irf9txootzmfmmafcw6jhsra4faf01663952728.nuid.imrworldwide.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.250.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-250-85.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 22:17:16 GMT
via: 1.1 cd09c7e66aa65f123adc53975394570c.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 67693
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: SIN52-C2
accept-ranges: bytes
content-length: 35
x-amz-cf-id: OGJphj05blHGCWekkdH_PK0dlNQDJhKslw6O8POqZoQKJTOL8LHYgQ==

GET
H2 200 SourceSansPro.css
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame F9AA 2 KB
2 KB 172ms
170ms Stylesheet
text/css 54.192.150.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-112.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 388d1df3fdfee665c3bc7d059e42500524e8f180febba13620847ec8b836fd33

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: BU9pslV_1tk2oM9KNiljnrkOp3wYAVog
via: 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:42 GMT
server: AmazonS3
age: 52221
etag: "2a13a755f725cea2c202bc30af451d10"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
date: Fri, 23 Sep 2022 02:35:08 GMT
x-amz-cf-pop: SIN2-C1
accept-ranges: bytes
content-length: 2173
x-amz-cf-id: h5F0GrUa8rtF6-K0me0qwBWitw-pGZZceo4C7xU3qLM04TTBc9UU9g==

GET
H2 200 Charter.css
subscriptions.news.com.au/media/fonts/Charter/ Frame F9AA 2 KB
2 KB 178ms
176ms Stylesheet
text/css 54.192.150.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Requested by: Host: client
URL: about:client
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-112.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ccda4fea5d95b6e07fadfff761f20fd106531b7f780fe470aa565f4c365301d7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: 78tZPx9F6ldnoT3vI7OxzT3AZa.JXQqe
via: 1.1 c8c43b7bd0e92cbb9fbe171dc985f060.cloudfront.net (CloudFront)
last-modified: Wed, 23 Sep 2020 08:43:10 GMT
server: AmazonS3
age: 63424
etag: "9d796e9621f8bd2ea24552819973cb20"
vary: Origin
x-cache: Hit from cloudfront
content-type: text/css
date: Thu, 22 Sep 2022 23:28:24 GMT
x-amz-cf-pop: SIN2-C1
accept-ranges: bytes
content-length: 1635
x-amz-cf-id: _TOP90HY-mL6k7NsRo6uSJHO54qfXpV3me21qQz4MeJG8ropvVuXiA==

GET
H2 200 /
www.facebook.com/tr/ 0
127 B 170ms
169ms Image
text/plain 157.240.7.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=316290525736583&ev=PageView&dl=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&rl=&if=false&ts=1663952728391&sw=1600&sh=1200&v=2.9.83&r=stable&ec=0&o=30&fbp=fb.2.1663952728389.16549708&it=1663952726645&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Sep 2022 17:05:28 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 170ms
169ms Image
text/plain 157.240.7.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=316290525736583&ev=InitiateCheckout&dl=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&rl=&if=false&ts=1663952728392&sw=1600&sh=1200&v=2.9.83&r=stable&ec=1&o=30&fbp=fb.2.1663952728389.16549708&it=1663952726645&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Sep 2022 17:05:28 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 SiteEvent.dotmetrics Show response
au-script.dotmetrics.net/ 399 B
1 KB 456ms
453ms Script
application/javascript 54.192.150.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNzUsImZsIjp0cnVlLCJkb20iOiJ3d3cuZ2VlbG9uZ2FkdmVydGlzZXIuY29tLmF1IiwibHNvIjpudWxsLCJ1cmwiOiJodHRwczovL3d3dy5nZWVsb25nYWR2ZXJ0aXNlci5jb20uYXUvc3Vic2NyaWJlL25ld3MvMS8%2Fc291cmNlQ29kZT1HQVdFQl9XUkUxNzBfYV9OV0wmZGVzdD1odHRwcyUzQSUyRiUyRnd3dy5nZWVsb25nYWR2ZXJ0aXNlci5jb20uYXUlMkZ0cnVlY3JpbWVhdXN0cmFsaWElMkZwb2xpY2UtY291cnRzLWdlZWxvbmclMkZwb2xpY2UtYXJyZXN0LXR3by1wZW9wbGUtYWZ0ZXItY29yaW8tdmlsbGFnZS1zaG9wcGluZy1jZW50cmUtZmlnaHQlMkZuZXdzLXN0b3J5JTJGN2IyZWU3ZGE0NmJmYWU1M2YwNGVkZGQ4MTllMjQ4ZTgmbWVtdHlwZT1hbm9ueW1vdXMmbW9kZT1wcmVtaXVtJm9mZmVyc2V0PWdhX3RydWVjcmltZV9wcmVtaXVtIiwicnVybCI6IiIsInB2aWQiOiIyMTg5OThiMy02NzYzLTRlMmItYTZkOS0zNGRjOWQ4MDkyNjQiLCJ0ek9mZnNldCI6MCwib3NzIjp0cnVlLCJvc2VzIjp0cnVlfQ%3D%3D&r=1663952728400
Requested by: Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=214
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-97.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: f2222532e695e0cbb2fdd15de28966772d2ee7e142fcbcb999e4a21c7e925413

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:28 GMT
content-encoding: br
server: Kestrel
x-amz-cf-pop: SIN2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
via: 1.1 e1fec368f5b53b4a839d0400d00dede6.cloudfront.net (CloudFront)
cache-control: no-cache
content-type: application/javascript
x-amz-cf-id: gvCHnyW5HCgKbuBkBWiqmb-SE5ClJQM4sRf3tOn5iBVChUVSHITAZw==

GET
H3 200 lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F12 36 KB
16 KB 521ms
180ms Script
text/javascript 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNPcL4AZZQ8z9NJpy71wtXJu_aTy2V1-RO76Pd5QcdQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f156.1e100.net

Software

sffe /

Resource Hash

94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 21:55:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 155369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15861
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 21 Sep 2023 21:55:59 GMT

POST
H2 200 log Show response
play.google.com/ Frame 8792 131 B
214 B 595ms
255ms XHR
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://news.google.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 17:05:28 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://news.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 324E 0
0 511ms
189ms Image
text/html 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092001&jk=128015115515468&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5y... Frame 20EF 18 KB
7 KB 180ms
180ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5yGE8yrZ4Q.L.B1.O/am=BoA/d=1/exm=Das5Le,IZT63,PrPYRd,Ru0Pgb,ZyYHPb,_b,_r,_tp,hc6Ubd,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhvU2HA5kFVp7T1qT0c9KJ-N0Wwuw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhSjAcGN9qnNrlwAarCDGej431dFw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

84a1b3effb0f9966d6d7d65d3de620697d259a669b9753d569a00545f8abd8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7398
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 02:26:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 19:43:36 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5y... Frame 20EF 37 KB
14 KB 181ms
180ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.P5yGE8yrZ4Q.L.B1.O/am=BoA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,Ru0Pgb,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,p8L0ob,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/rs=AMitfrhvU2HA5kFVp7T1qT0c9KJ-N0Wwuw/ee=cEt90b:ws9Tlc;QGR0gd:Mlhmy;uY49fb:COQbmf;yEQyxe:p8L0ob;iFQyKf:vfuNJf;nAFL3:NTMZac;oGtAuc:sOXFj;yxTchf:KUM7Z;qddgKe:xQtZb;wR5FRb:siKnQd;dIoSBb:SpsfSb;eBAeSb:zbML3c;EmZ2Bf:zr1jrb;NPKaK:PVlQOd;LBgRLc:XVMNvd;NSEoX:lazG7b;Pjplud:EEDORb;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:VDovNc;sP4Vbe:VwDzFe;kMFpHd:OTA3Ae;SNUn3:ZwDk9d/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhSjAcGN9qnNrlwAarCDGej431dFw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

6e02d532255755964d5ec0312b0d9a1389afb3965f9cd7850191f68e7391d85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:43:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76912
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13986
x-xss-protection: 0
last-modified: Tue, 20 Sep 2022 02:26:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Sep 2023 19:43:36 GMT

POST
H3 200 log Show response
play.google.com/ Frame 20EF 131 B
152 B 418ms
247ms XHR
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhSjAcGN9qnNrlwAarCDGej431dFw/m=_b,_tp,_r

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 17:05:29 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 533ms
396ms Preflight
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 23 Sep 2022 17:05:28 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 20EF 131 B
196 B 557ms
257ms XHR
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhSjAcGN9qnNrlwAarCDGej431dFw/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 17:05:29 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 359ms
228ms Preflight
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 23 Sep 2022 17:05:28 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 20EF 131 B
196 B 555ms
254ms XHR
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhSjAcGN9qnNrlwAarCDGej431dFw/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 17:05:29 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 352ms
232ms Preflight
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 23 Sep 2022 17:05:28 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 20EF 131 B
196 B 565ms
264ms XHR
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhSjAcGN9qnNrlwAarCDGej431dFw/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 17:05:29 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 332ms
226ms Preflight
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 23 Sep 2022 17:05:28 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 20EF 131 B
196 B 557ms
256ms XHR
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhSjAcGN9qnNrlwAarCDGej431dFw/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 17:05:29 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 325ms
226ms Preflight
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 23 Sep 2022 17:05:28 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 log Show response
play.google.com/ Frame 20EF 131 B
196 B 552ms
252ms XHR
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhSjAcGN9qnNrlwAarCDGej431dFw/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://pay.google.com/
X-Goog-AuthUser: 0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 17:05:29 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 320ms
232ms Preflight
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 23 Sep 2022 17:05:28 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 307ms
306ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:28 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 306ms
306ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:28 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 307ms
307ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:28 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 308ms
307ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:28 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 596ms
595ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:28 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
H2 200 imgNewsNetwork.jpg
subscriptions.geelongadvertiser.com.au/caas/1.10.4/assets/ Frame F9AA 35 KB
35 KB 386ms
385ms Image
image/jpeg 23.199.136.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/assets/imgNewsNetwork.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.199.136.8 Kuala Lumpur, Malaysia, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-199-136-8.deploy.static.akamaitechnologies.com

Software

Resource Hash

eee4b740fa1ca55446b70cfbdc4ce54b00362f9ccd61c3db2c5f6fe432c340ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/caas/index.html?pageType=spc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:28 GMT
last-modified: Tue, 30 Aug 2022 05:12:00 GMT
x-amz-cf-pop: SIN5-C1
etag: "66e5b98efe47b4be5eea14745e58a730"
strict-transport-security: max-age=600
content-type: image/jpeg
cache-control: max-age=476040
accept-ranges: bytes
content-length: 35778
x-amz-cf-id: XqjF_DwEF4Ctg3Lsx-c5EA3xViadfhOvNrcjTjt4Oiiy-7pagJIWDg==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ Frame F9AA 884 B
718 B 496ms
190ms Script
text/javascript 142.251.10.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ

Requested by

Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/595.async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f104.1e100.net

Software

GSE /

Resource Hash

a25c62b74e9d4afeff082da50c9d6bf499d0334a9b34c6333ab2553e8df1038f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://subscriptions.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 17:05:28 GMT

GET
H2 200 GA_SDO_P0419AW04 Show response
commerceapi.news.com.au/offersapi/offers/ Frame F9AA 32 KB
10 KB 876ms
874ms XHR
application/json 104.83.196.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commerceapi.news.com.au/offersapi/offers/GA_SDO_P0419AW04
Requested by: Host: subscriptions.geelongadvertiser.com.au
URL: https://subscriptions.geelongadvertiser.com.au/caas/1.10.4/33.js?e71e2113307426c39966
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-116.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 45a3a17052c7aed058cc6448c77342274487616cd2754fe66b472edcf24fab0e

Request headers

Accept: application/json, text/plain, */*
Referer: https://subscriptions.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
x-api-key: 0iwH8Iq4KC9UZKpkJJn6B8SpM7MCC3tl35vR1WF9

Response headers

date: Fri, 23 Sep 2022 17:05:30 GMT
content-encoding: gzip
x-amz-cf-pop: SIN2-P2
x-amzn-requestid: 05201f54-993b-4c91-b138-90e6e372b9ad
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-632de75a-1abb09e326507e540ac18445;Sampled=0
x-amz-apigw-id: Y7EWLH7ISwMFbYg=
content-length: 9304
x-amz-cf-id: MmXvAFczu2eeZFU1_r_j6XG1A-d6WyUeViWViha9CEtAsJ1aTlkz8Q==

OPTIONS
H2 200 GA_SDO_P0419AW04
commerceapi.news.com.au/offersapi/offers/ Frame 0
0 1572ms
614ms Preflight
application/json 104.83.196.116
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://commerceapi.news.com.au/offersapi/offers/GA_SDO_P0419AW04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.83.196.116 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-83-196-116.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-api-key
Access-Control-Request-Method: GET
Origin: https://subscriptions.geelongadvertiser.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: https://subscriptions.geelongadvertiser.com.au
content-length: 1
content-type: application/json
date: Fri, 23 Sep 2022 17:05:29 GMT
x-amz-apigw-id: Y7EWDFXGywMFhAA=
x-amz-cf-id: iUFEHYYGs_Zkh_k0yUUAlC524OyV8salPPZ8ybWR-rsodlR_MBwDdw==
x-amz-cf-pop: SIN2-P2
x-amzn-requestid: 68b7ce23-cca3-4412-bd36-40bf9d43e681

POST
H2 200 log Show response
play.google.com/ Frame 20EF 131 B
519 B 388ms
251ms XHR
text/plain 142.250.4.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.dCCi__GK03c.es5.O/am=BoA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/rs=AMitfrhSjAcGN9qnNrlwAarCDGej431dFw/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f100.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Fri, 23 Sep 2022 17:05:28 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

GET
H2 200 Serving Show response
bs.serving-sys.com/ 10 KB
3 KB 519ms
175ms Script
text/html 13.215.111.251
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=6630&dispType=js&sync=0&sessionid=8796530670906935628&pageurl=$$https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium$$&activityValues=$$Session%3D8177286188117443603$$&ns=0&rnd=8780266341193039&uinadv=%7B%7D
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.215.111.251 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-215-111-251.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 0b3df96e89adc582f002f9566aff43edf002b15e1181779306da68e60a823391

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:29 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: *
cache-control: no-cache, no-store
content-type: text/html; charset=UTF-8
content-length: 1996
expires: Sun, 05-Jun-2005 22:00:00 GMT

POST
H/1.1 200
OK tp2 Show response
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ 2 B
565 B 101ms
100ms XHR
text/plain 13.210.135.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.135.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-135-68.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Date: Fri, 23 Sep 2022 17:05:28 GMT
Server: nginx
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=UTF-8
Content-Length: 2

OPTIONS
H/1.1 200
OK tp2
au.pixel.newscgp.com/com.snowplowanalytics.snowplow/ Frame 0
0 100ms
100ms Preflight 13.210.135.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.pixel.newscgp.com/com.snowplowanalytics.snowplow/tp2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.210.135.68 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-210-135-68.ap-southeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.geelongadvertiser.com.au
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Access-Control-Max-Age: 600
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0
Date: Fri, 23 Sep 2022 17:05:28 GMT
Server: nginx

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame F9AA 389 KB
155 KB 483ms
180ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

23d94b3877e873dff9124312f3627f15071fe84a751d32c6e76b4c693ce8a9b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subscriptions.geelongadvertiser.com.au/
Origin: https://subscriptions.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346883
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158248
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 16:44:06 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1F12 0
10 B 169ms
169ms Image
text/plain 142.251.12.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?SkqDSQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:29 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame A42F 4 KB
2 KB 514ms
171ms Script
application/x-javascript 52.84.228.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-228-218.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 16:14:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 3038
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 5230066306741527c1870ae028182b78.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: SIN2-C1
X-Amz-Cf-Id: 4zv19TnFU_MQltBH743Tzh900Z_qP-Cfmvb5ssdzoyiOaizbLd0z0w==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 97B0 115 KB
46 KB 528ms
186ms Script
application/javascript 142.251.10.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-842662438

Requested by

Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

4a2f1731fee4563a56f39535f498446a41f7e16654f58ae7c8fee387aaad7d55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46464
x-xss-protection: 0
last-modified: Fri, 23 Sep 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 23 Sep 2022 17:05:29 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ Frame CFE5 4 KB
2 KB 532ms
186ms Script
application/x-javascript 52.84.228.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-228-218.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 16:14:52 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 3038
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: SIN2-C1
X-Amz-Cf-Id: udtFutBiRL9RszpdPuxcRi_tqH2v0kzlXV24BXEJ9YnzHXW7ocS6_A==

GET
H/1.1 200
OK pixie.js Show response
acdn.adnxs.com/dmp/up/ Frame BEC1 9 KB
4 KB 263ms
85ms Script
application/javascript 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/up/pixie.js
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium&nk=af14d75f5b9d18a1c3f8f3595ca39ffc-1663952719
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 17:05:29 GMT
Content-Encoding: gzip
Age: 40057
X-Cache: HIT, HIT
Connection: keep-alive
Content-Length: 3340
X-Served-By: cache-lga21934-LGA, cache-mel11242-MEL
Access-Control-Allow-Origin: *
Last-Modified: Wed, 02 Jun 2021 15:04:00 GMT
Server: nginx/1.18.0 (Ubuntu)
X-Timer: S1663952729.477289,VS0,VE0
ETag: W/"60b79de0-23b3"
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 varnish, 1.1 varnish
Expires: Fri, 01 Oct 2021 05:45:37 GMT
Cache-Control: max-age=86402
Accept-Ranges: bytes
X-Cache-Hits: 1, 5196

GET
H2

200

activityi;dc_pre=CJzAgvuyq_oCFVbycwEdJvkKzw;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8872077585415.14 Show response
8228261.fls.doubleclick.net/ Frame E753
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8872077585415.14?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJzAgvuyq_oCFVbycwEdJvkKzw;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=887207758541...

401 B
441 B

497ms
195ms

Document
text/html

142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CJzAgvuyq_oCFVbycwEdJvkKzw;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8872077585415.14?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

cafe /

Resource Hash

7442e692879c01ba748c0983846de8c57584037307522d2bc656e311652a9383

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 330
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 17:05:30 GMT
expires: Fri, 23 Sep 2022 17:05:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 17:05:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJzAgvuyq_oCFVbycwEdJvkKzw;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8872077585415.14?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CJvLgvuyq_oCFbvAcwEdr4cGLA;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9784097783595.69 Show response
8228261.fls.doubleclick.net/ Frame B34E
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9784097783595.69?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CJvLgvuyq_oCFbvAcwEdr4cGLA;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=978409778359...

401 B
399 B

683ms
382ms

Document
text/html

142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CJvLgvuyq_oCFbvAcwEdr4cGLA;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9784097783595.69?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

cafe /

Resource Hash

07cd79c362ffa4d5954d8528a57b9f960aa15bbc4be24baeb73ef117ea6e1cd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 329
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 17:05:30 GMT
expires: Fri, 23 Sep 2022 17:05:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 17:05:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJvLgvuyq_oCFbvAcwEdr4cGLA;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9784097783595.69?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

activityi;dc_pre=CKvZgvuyq_oCFRjBcwEdvIYIFg;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8856099285917.572 Show response
8228261.fls.doubleclick.net/ Frame 7722
Redirect Chain

https://8228261.fls.doubleclick.net/activityi;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8856099285917.572?
https://8228261.fls.doubleclick.net/activityi;dc_pre=CKvZgvuyq_oCFRjBcwEdvIYIFg;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=885609928591...

402 B
401 B

495ms
194ms

Document
text/html

142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8228261.fls.doubleclick.net/activityi;dc_pre=CKvZgvuyq_oCFRjBcwEdvIYIFg;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8856099285917.572?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

cafe /

Resource Hash

b901896774ff2a65d437a130496520ecad3e41c58258be519c8059a0196518c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: gzip
content-length: 331
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 17:05:30 GMT
expires: Fri, 23 Sep 2022 17:05:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 17:05:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKvZgvuyq_oCFRjBcwEdvIYIFg;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8856099285917.572?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame CE1D
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:sn89jzz&fmt=3
https://ups.analytics.yahoo.com/ups/55953/sync?uid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-wJ6OW2dE2uKTaFMSHDwCUdr3FpiDFMU-~A&gdpr=0&gdpr_consent=
https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

70 B
692 B

98ms
98ms

Image
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: H2
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:31 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Date: Fri, 23 Sep 2022 17:05:31 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 457D
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=vrges6n&ct=0:dc3lunr&fmt=3
https://ups.analytics.yahoo.com/ups/55953/sync?uid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&_origin=1&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/55953/sync?uid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-etrAtEhE2uKqQ9yiODltZguXQHb3j3I-~A&gdpr=0&gdpr_consent=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expiration=1666544730&gdpr=0&gdpr_consent=

43 B
885 B

358ms
355ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expiration=1666544730&gdpr=0&gdpr_consent=
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f4dd947fb25aa0-MEL
pragma: no-cache
date: Fri, 23 Sep 2022 17:05:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QN7QUhfpGhYIF4HFYbf0mP2keWCGTr%2BflzEhyVaxGKbv4Uk2zr%2Febz%2B9mezO82taOJ7m9Sq4%2BvJUAIt4Mc4OmpLVErwtFgG%2FhocRr2eCx%2BcdJ%2BPuc5xHlRrrjyTm7sy7CTbuJ%2BY4azuERQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:30 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expiration=1666544730&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H/1.1

422
Unprocessable Entity

tap.php
pixel.rubiconproject.com/ Frame BF8B
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=xmwilhl&ct=0:nrubs1l&fmt=3
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon

0
0

244ms
168ms

Image
text/plain

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: HTTP/1.1
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:29 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 409

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2802
Redirect Chain

https://insight.adsrvr.org/track/pxl/?adv=xmwilhl&ct=0:nucu8f9&fmt=3
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=Y2I1MWY5YTItYWJhYi00NzBiLWFmOGItZTJkZGZhMjYxOWY1&gdpr=0&gdpr_consent=&ttd_tdid=cb51f9a2-abab-470b-af8b-e2ddf...
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&google_gid=CAESELI5TasISSSsHc3dp_GI0Mc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expiration=1666544730&gdpr=0&gdpr_consent=

43 B
844 B

465ms
361ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expiration=1666544730&gdpr=0&gdpr_consent=
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: H3
Server: 104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74f4dd947fb15aa0-MEL
pragma: no-cache
date: Fri, 23 Sep 2022 17:05:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8mqZmzUFoJmOZEtC9cLfsMv%2BhS%2FgoJVHIdV2EwmNZy883OgEblRSFKKkElo77O3AGWUoS3m7HBzLhgxfA4bDcy3IqGBDbGkwX7pCUSuGzE2UGPsiQ75M%2Fe4b6ILSRTmrJL4OxXotbuNMzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:30 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expiration=1666544730&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 323

GET
H2 200 activity
au-gmtdmp.mookie1.com/t/v2/ Frame B732 43 B
641 B 396ms
222ms Image
image/gif 35.227.202.26
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-gmtdmp.mookie1.com/t/v2/activity?tagid=V2_296536&src.rand=[timestamp]
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.202.26 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 26.202.227.35.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:29 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ Frame D137 43 B
1010 B 691ms
231ms Image
image/gif 104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=879169&seg=9702350&t=2

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 17:05:29 GMT
X-Proxy-Origin: 103.209.254.113; 103.209.254.113; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: d7ae31b3-9f18-42f3-af2e-5fa28d881fd4
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
994 B 688ms
228ms Image
application/javascript 104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1050017&seg=15376868&t=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 17:05:29 GMT
X-Proxy-Origin: 103.209.254.113; 103.209.254.113; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0149fdbe-bc29-463d-be4e-56b955b24b03
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
994 B 695ms
236ms Image
application/javascript 104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1050013&seg=15376754&t=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 17:05:29 GMT
X-Proxy-Origin: 103.209.254.113; 103.209.254.113; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dbd24c30-5e44-4cf8-b121-7abc4d3be9f0
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
994 B 688ms
233ms Image
application/javascript 104.254.151.120
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1050012&seg=15376743&t=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.151.120 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 23 Sep 2022 17:05:30 GMT
X-Proxy-Origin: 103.209.254.113; 103.209.254.113; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f42fd240-6296-4f49-b64a-d32d27cf613d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK pixie
ib.adnxs.com/ Frame BEC1 42 B
351 B 229ms
228ms Image
image/gif 104.254.151.69
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ib.adnxs.com/pixie?e=PageView&pi=4332873b-84ca-4d4d-a575-ee974bcdf99a&it=1663952729522&v=0.0.20&u=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&r=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&st=1663952729522&et=1663952729522&if=1
Requested by: Host: www.geelongadvertiser.com.au
URL: https://www.geelongadvertiser.com.au/subscribe/news/1/?sourceCode=GAWEB_WRE170_a_NWL&dest=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Ftruecrimeaustralia%2Fpolice-courts-geelong%2Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%2Fnews-story%2F7b2ee7da46bfae53f04eddd819e248e8&memtype=anonymous&mode=premium&offerset=ga_truecrime_premium
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.254.151.69 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS: 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software: nginx/1.21.3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 17:05:29 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx/1.21.3
Connection: keep-alive
X-Proxy-Origin: 103.209.254.113; 103.209.254.113; 900.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 42
Content-Type: image/gif

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 188ms
185ms Image
text/html 142.251.12.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092001&jk=128015115515468&bg=!8vGl8bXNAAYIxsuQKMY7ACkAdvg8WpcOFEcLvFU8PajLng2_Vlo43_0CELFx-_DVJSonb9LmtBfkswIAAABtUgAAAAJoAQcKADeeMwOtYfxuH-6b2n5Eo1YoWriXu3dFU7mMgZBZHAoJWmBOrJk1G3SUPURNHI6xejNrULV8Vw3nmQK1prIFQGpI2A7yNBNqeUabT2_kVxbyRpTI7k04kBPripPkv75o-bxiMYPmeeA3sbxfDyuVbeyKLSYg9DCqeVck_94WGsHNbiPA3Ly8NaCp_EsLr6xgIhtgzyc64ixYG5dBZVwUna8oN2Iv0LoElYhQ8D8Q85S_MLprwrFdrHs6cFU2bdlBCAHlJaF80fmQxA9d50OQOW9Pe256VHH20gsZDulRAJzaytygG4iI_Ufm4O1g8fVLpDgovAP-7ku7_to7MggKOZFDC5js5f8FnvtOJ8H1DJ_Ac7Bz2puvA9f_Zph3h1LS0cYLEkvBw5V-hfQIpOR_72zs9Ab3qgYnCv35sZ31JlK_kGM_zt20yRAKAocv9FHrhrG43Zg27zvnJZWipof-YgNROGVMoxiKuPDMSfw0EalGnWgkmvKq8WJ3oF-MH2fBdfJTZj8geIXsfXxJUJ7wDCaQTVwAmqzPmBryRdkm3BeWdlQHabLO9CXakaKR48q8ly3n02GwYXhDc3miweQNi5v6Q4pShdBB6zgcIZWIQipdNufJqGmPlky5TnIJfY5f0cNbwfWiD1Q2Uj3EDaR_ONW8tT3RxFAE9BmWPjL7KDfk5TnGsNx8N4ugBcWNLEJ5z4S_4EYuag9QwXg8M6gLT9eAedjVpbtHBfOoFubUhp55fqTpModpOpMGXrPKhiZgjE0FjcNcQJ3UqGRiouxe6TfBbZh1HQXc9pzHNv2Y-1DJ0OlN7kdMTn3_iSmfFbeaRkQpQcuA1FwLJJQQk_BEPTXTvq4BKajMYZbx9b0tv5_KeSqfNbAYr5i4-mTCQu3cbPlO1e2wHCEjhclUgdFB9v3IWTVhcXbHIQEnb3F320ygwTm_MjS8Ns2U1xBeB6A5q6W3VqrgtLKUL7dY6rip6TkOMYx10f3VriM4e8tSuQ06
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.251.12.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: se-in-f156.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 340ms
168ms Image
text/plain 157.240.7.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=316290525736583&ev=Microdata&dl=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&rl=&if=false&ts=1663952729896&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Subscribe%20to%20the%20Geelong%20Advertiser%22%2C%22meta%3Adescription%22%3A%22Subscribe%20to%20the%20Geelong%20Advertiser%20to%20get%20unrestricted%20digital%20access%2C%20home%20paper%20delivery%2C%20Apps%20for%20iPad%20and%20Android%20and%20much%20more...%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.83&r=stable&ec=2&o=30&fbp=fb.2.1663952728389.16549708&it=1663952726645&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.7.35 Singapore, Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 23 Sep 2022 17:05:30 GMT
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i

GET
DATA 200
OK truncated
/ Frame F9AA 520 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 698b75b34c376b73b97acf42f0ec14f3554b420e658c4fe98d87721e4b5f7d8a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F9AA 466 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e995c834f9cbb64904650cbb722ab0c92effb6c59cf493aa055fcc1fc0417a

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Charter_Bold.woff2
subscriptions.news.com.au/media/fonts/Charter/ Frame F9AA 11 KB
11 KB 519ms
173ms Font
binary/octet-stream 54.192.150.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter_Bold.woff2
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-112.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 45a844d6787e4364f8c0ab321b2d5680d48604886d045685b6bf9c582518db9d

Request headers

Referer: https://subscriptions.news.com.au/media/fonts/Charter/Charter.css
Origin: https://subscriptions.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: 1b6Z9wm5mjr_.l.HoLoCCXx3v3T_1CSx
via: 1.1 456e9698bd1002705d9e83bb010ea4fc.cloudfront.net (CloudFront)
etag: "d7b524ce6a47a156d5f7767297b358f7"
age: 11680
x-cache: Hit from cloudfront
content-length: 11024
last-modified: Wed, 23 Sep 2020 08:43:11 GMT
server: AmazonS3
date: Fri, 23 Sep 2022 14:03:26 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-amz-cf-pop: SIN2-C1
accept-ranges: bytes
x-amz-cf-id: t8S3gh9nbONE8SKMgHBLG-XufXOk-fuhKLmJFQD6H7XYCrHKedehIw==

GET
H2 200 SourceSansPro-Regular.woff2
subscriptions.news.com.au/media/fonts/SourceSansPro/ Frame F9AA 83 KB
83 KB 524ms
179ms Font
binary/octet-stream 54.192.150.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro-Regular.woff2
Requested by: Host: subscriptions.news.com.au
URL: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-112.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89de2f207fac8289b2b0d7300b282db8347db9f3098a30662c72ced8c199971c

Request headers

Referer: https://subscriptions.news.com.au/media/fonts/SourceSansPro/SourceSansPro.css
Origin: https://subscriptions.geelongadvertiser.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-amz-version-id: HGUZ0F9RdAEWfB40COdzBzaJoUnKDPkQ
via: 1.1 456e9698bd1002705d9e83bb010ea4fc.cloudfront.net (CloudFront)
etag: "84900d939c3d3911d3a7d936cae4f3a6"
age: 51164
x-cache: Hit from cloudfront
content-length: 84808
last-modified: Wed, 23 Sep 2020 08:43:40 GMT
server: AmazonS3
date: Fri, 23 Sep 2022 02:53:33 GMT
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
x-amz-cf-pop: SIN2-C1
accept-ranges: bytes
x-amz-cf-id: hA8z4H7bxMHPMsqWfR-b8yXNj1xtG8cVoCtarAaStldZJiGL9jnUeQ==

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 64F3 42 KB
22 KB 223ms
200ms Document
text/html 142.251.10.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmdlZWxvbmdhZHZlcnRpc2VyLmNvbS5hdTo0NDM.&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=wmjfpjgpbgp

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f104.1e100.net

Software

GSE /

Resource Hash

1942eb78035d8acf516783864ed94da8348fd7424555584117d29f5d10088d35

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-fPrdjZkfpyN8ZXCnR62tXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subscriptions.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22018
content-security-policy: script-src 'report-sample' 'nonce-fPrdjZkfpyN8ZXCnR62tXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 23 Sep 2022 17:05:30 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 97B0 41 KB
16 KB 534ms
184ms Script
text/javascript 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-842662438

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15701
x-xss-protection: 0
server: cafe
etag: 15927311876428925992
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 23 Sep 2022 17:05:30 GMT

POST
H/1.1 200
OK tme
lm.serving-sys.com/lm/ 0
194 B 1419ms
355ms Ping
text/plain 3.126.61.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/tme
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.61.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-61-30.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

POST
H/1.1 200
OK tme
lm.serving-sys.com/lm/ 0
194 B 1442ms
353ms Ping
text/plain 3.126.61.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/tme
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.61.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-61-30.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ 44 B
597 B 173ms
172ms Image
image/gif 18.139.197.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b12_subscribe_S&asn=subscribe&fp_id=2znwnpxtybz1xgconh2c0l4gbcx6k1663952728&fp_cr_tm=1663952728086&fp_acc_tm=1663952728086&fp_emm_tm=1663952728086&ve_id=&sessionId=irf9txootzmfmmafcw6jhsra4faf01663952728&prv=1&c6=vc,b12&ca=NA&c13=asid,P9639CC51-2F11-48E8-B888-393496680A12&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,w2dapym6mswmfgtviucklhybpge6m1663952728&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,1663952728081141&c30=bldv,6.0.0.623&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1663952726587&c3=st,c&c64=starttm,1663952729&adid=1663952726587&c58=isLive,false&c59=sesid,&c61=createtm,1663952730&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&c66=mediaurl,&sdd=&c62=sendTime,1663952730&rnd=499206
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.139.197.60 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-139-197-60.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:30 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

POST
H/1.1 200
OK tme
lm.serving-sys.com/lm/ 0
194 B 1486ms
370ms Ping
text/plain 3.126.61.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://lm.serving-sys.com/lm/tme
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.126.61.30 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-126-61-30.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.geelongadvertiser.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.geelongadvertiser.com.au
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame EEC2 833 B
1 KB 101ms
100ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=xmwilhl&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&upid=gwdsao6&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 67cfc1450a8d613a54b109ff99f56644c72e86672634be26c11e6c7debcdc538

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 17:05:30 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame 64F3 52 KB
24 KB 181ms
180ms Stylesheet
text/css 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmdlZWxvbmdhZHZlcnRpc2VyLmNvbS5hdTo0NDM.&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=wmjfpjgpbgp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348890
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 16:10:40 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame 64F3 389 KB
155 KB 205ms
204ms Script
text/javascript 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

23d94b3877e873dff9124312f3627f15071fe84a751d32c6e76b4c693ce8a9b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 16:44:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 346884
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158248
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 16:44:06 GMT

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame C54B 833 B
1 KB 100ms
100ms Document
text/html 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&upid=3ausds4&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 4fb4fc76b5ce90dfaedc02d6117746cd4afcc8dd55527f77d7c22d95be130459

Request headers

Referer: https://www.geelongadvertiser.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-type: text/html; charset=utf-8
date: Fri, 23 Sep 2022 17:05:30 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

GET
H2 200 dc_pre=CJzAgvuyq_oCFVbycwEdJvkKzw;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8872077585415.14
adservice.google.com/ddm/fls/z/ Frame E753 42 B
262 B 492ms
191ms Image
image/gif 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJzAgvuyq_oCFVbycwEdJvkKzw;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8872077585415.14

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJzAgvuyq_oCFVbycwEdJvkKzw;src=8228261;type=invmedia;cat=newsc019;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8872077585415.14?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CKvZgvuyq_oCFRjBcwEdvIYIFg;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8856099285917.572
adservice.google.com/ddm/fls/z/ Frame 7722 42 B
107 B 493ms
191ms Image
image/gif 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKvZgvuyq_oCFRjBcwEdvIYIFg;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8856099285917.572

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CKvZgvuyq_oCFRjBcwEdvIYIFg;src=8228261;type=invmedia;cat=newsc01d;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8856099285917.572?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame EEC2 487 B
985 B 176ms
174ms Script
application/x-javascript 52.84.228.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=xmwilhl&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&upid=gwdsao6&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-228-218.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 16:41:54 GMT
Via: 1.1 84a8283bcf12d6659a335b8d00e9c15a.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
Age: 2624
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: SIN2-C1
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: 9P06ojzveSxSwgZSSVqOAK-ikNiDqf-Lt-6HyEbmnVLnvKF0DroW_A==

GET
H/1.1 200
OK universal_pixel.1.1.0.js Show response
js.adsrvr.org/ Frame C54B 487 B
985 B 172ms
172ms Script
application/x-javascript 52.84.228.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Requested by: Host: insight.adsrvr.org
URL: https://insight.adsrvr.org/track/up?adv=vrges6n&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&upid=3ausds4&upv=1.1.0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.228.218 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-228-218.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://insight.adsrvr.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Date: Fri, 23 Sep 2022 16:41:54 GMT
Via: 1.1 5230066306741527c1870ae028182b78.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:32 GMT
Server: AmazonS3
Age: 2624
ETag: "f0a7a3296da7382ce6bc1a3b6769e927"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: SIN2-C1
Accept-Ranges: bytes
Content-Length: 487
X-Amz-Cf-Id: 45JryTRneN5PxMOwSaSW_GyuolsjRYHDzsEomse2eKYYBdjOuBEa6Q==

GET
H3 200 dc_pre=CJvLgvuyq_oCFbvAcwEdr4cGLA;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9784097783595.69
adservice.google.com/ddm/fls/z/ Frame B34E 42 B
63 B 352ms
189ms Image
image/gif 142.251.10.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJvLgvuyq_oCFbvAcwEdr4cGLA;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9784097783595.69

Requested by

Host: 8228261.fls.doubleclick.net
URL: https://8228261.fls.doubleclick.net/activityi;dc_pre=CJvLgvuyq_oCFbvAcwEdr4cGLA;src=8228261;type=invmedia;cat=newsc01-;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9784097783595.69?

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f156.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://8228261.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 736D
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&r=https%3A%2F%2Fmatch.adsrvr.org%2...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic

70 B
692 B

99ms
98ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Fri, 23 Sep 2022 17:05:31 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, private
date: Fri, 23 Sep 2022 17:05:30 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame 8977
Redirect Chain

https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://x.bidswitch.net/ul_cb/syncd?dsp_id=93&user_group=1&user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch

70 B
692 B

100ms
99ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Fri, 23 Sep 2022 17:05:31 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Fri, 23 Sep 2022 17:05:31 GMT
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=bidswitch
Server: nginx

GET
H/1.1 200
OK syncd Show response
x.bidswitch.net/ Frame EB84 43 B
235 B 619ms
219ms Document
image/gif 35.213.12.39
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://x.bidswitch.net/syncd?dsp_id=93&user_group=1&user_id=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&expires=30&redir=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Fgeneric%3Fttd_pid%3Dbidswitch
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS: 39.12.213.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Fri, 23 Sep 2022 17:05:31 GMT
Server: nginx

GET
H2

200

generic Show response
match.adsrvr.org/track/cmf/ Frame BC9C
Redirect Chain

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&r=https%3A%2F%2Fmatch.adsrvr.org%2...
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic

70 B
692 B

101ms
99ms

Document
image/gif

35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/universal_pixel.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://insight.adsrvr.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private,no-cache, must-revalidate
content-length: 70
content-type: image/gif
date: Fri, 23 Sep 2022 17:05:31 GMT
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma: no-cache
x-aspnet-version: 4.0.30319

Redirect headers

cache-control: no-store, no-cache, private
date: Fri, 23 Sep 2022 17:05:30 GMT
location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/842662438/ Frame 97B0 4 KB
2 KB 636ms
293ms Script
text/javascript 74.125.68.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842662438/?random=1663952730615&cv=9&fst=1663952730615&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&auid=2037797122.1663952730&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.68.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sc-in-f156.1e100.net

Software

cafe /

Resource Hash

749fd6652ec21f86b1e7d85bac51e155a9e570c9c7b93b3afdef6778c1a58b77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/842662438/ Frame 97B0 3 KB
2 KB 488ms
187ms Script
text/javascript 74.125.24.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/842662438/?random=1663952730618&cv=9&fst=1663952730618&num=1&label=Uj4dCI_J9NgBEKaE6JED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&auid=2037797122.1663952730&gtm_ee=1&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f156.1e100.net

Software

cafe /

Resource Hash

61358fb812bad1be0aea1582e0fa65a4ab02e0c1ed79281bbccf834ea3fcb333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1554
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trusted-types-checker-b31b0d3b211d1247a37e6120682932ed.js Show response
js.stripe.com/v3/fingerprinted/js/ 174 B
297 B 87ms
85ms Script
text/javascript 151.101.128.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/trusted-types-checker-b31b0d3b211d1247a37e6120682932ed.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.128.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

79db4d79a6e53e3aa9b5703a1156cc9accef42d4d3d31b5019d2eabf216fa751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
age: 82322
x-cache: HIT
content-length: 119
etag: "5cbd8f0579eb735eea933bbd78b29553"
x-request-id: 1d8a4d80-730d-4def-ad8f-dd2b04ddd2ae
x-served-by: cache-mel11235-MEL
access-control-allow-origin: *
last-modified: Mon, 12 Sep 2022 20:31:44 GMT
server: Fastly
date: Fri, 23 Sep 2022 17:05:30 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2796

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 64F3 2 KB
2 KB 180ms
180ms Image
image/png 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Sat, 17 Sep 2022 23:18:45 GMT
x-content-type-options: nosniff
age: 496005
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Sat, 24 Sep 2022 23:18:45 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 64F3 15 KB
15 KB 183ms
182ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 13:24:20 GMT
x-content-type-options: nosniff
age: 99670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 22 Sep 2023 13:24:20 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 64F3 15 KB
15 KB 190ms
188ms Font
font/woff2 142.251.10.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f94.1e100.net

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 09:37:28 GMT
x-content-type-options: nosniff
age: 26882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 23 Sep 2023 09:37:28 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 64F3 102 B
133 B 183ms
182ms Other
text/javascript 142.251.10.104
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f104.1e100.net

Software

GSE /

Resource Hash

87f9dd28eeec028a050aa297c049f267f5c853a542a2cc1dccbd010b50f6e855

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcRJpMUAAAAAO8Xa3AIJqR0hnCyDnJcZwTFp6pJ&co=aHR0cHM6Ly9zdWJzY3JpcHRpb25zLmdlZWxvbmdhZHZlcnRpc2VyLmNvbS5hdTo0NDM.&hl=en&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=wmjfpjgpbgp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 23 Sep 2022 17:05:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Fri, 23 Sep 2022 17:05:30 GMT

POST
H2 200 0 Show response
r.stripe.com/ Frame DF0F 0
127 B 309ms
306ms Fetch
text/plain 54.187.119.242
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r.stripe.com/0
Requested by: Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/shared-274f63d2f70fe93bbbc5650622e3bb9f.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.187.119.242 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ip-54-187-119-242.stripe.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Referer: https://js.stripe.com/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://js.stripe.com
date: Fri, 23 Sep 2022 17:05:31 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0
content-type: text/plain

GET
DATA 200
OK truncated
/ Frame F9AA 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 88641804179ca6d14134f9c4ae904f672f24af374aee53e4026a2cc3bc722836

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 s94580081597974 Show response
metrics.geelongadvertiser.com.au/b/ss/newscorpau-gaweb,newscorpau-global/10/JS-2.22.4/ 5 KB
5 KB 185ms
182ms Script
application/x-javascript 63.140.48.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.geelongadvertiser.com.au/b/ss/newscorpau-gaweb,newscorpau-global/10/JS-2.22.4/s94580081597974?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=23%2F8%2F2022%2017%3A5%3A31%205%200&cid.&newsnkidcookie.&id=af14d75f5b9d18a1c3f8f3595ca39ffc&as=1&.newsnkidcookie&.cid&d.&nsid=0&jsonv=1&.d&vid=af14d75f5b9d18a1c3f8f3595ca39ffc&mid=89195195664829714231848134108232064550&aamlh=3&ce=UTF-8&ns=newscorpau&cdp=3&pageName=ga%7Csops%7Cshopfront%7Cbreach%2Bshopfront&g=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-s&cc=AUD&events=event8%2Cevent19&v1=news%20corp%20au&v2=geelong%20advertiser&v3=geelong%20advertiser%20web&v4=sops&v5=subscription&v6=customer%20details&v9=breach%2Bshopfront&v10=D%3DpageName&v11=D%3Dvid&v14=anonymous&v22=3%3A05%20AM%7CSaturday&v24=New&v34=D%3Dg&v38=GA_SDO_P0419AW04&v77=D%3Dmid&v125=gp&pe=lnk_o&pev2=event&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&-g=tory%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&lrt=536&AQE=1

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.48.177 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

ca12dd093752cabfb42beabcf2bbaaab9bb037d28493b38b1d57e160a205dc15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

x-aam-tid: +Nb41U0mQDE=
date: Fri, 23 Sep 2022 17:05:31 GMT
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
vary: *
content-length: 4959
x-xss-protection: 1; mode=block
dcs: dcs-prod-apse-1-v038-07aea2e4f.edge-apse.demdex.com 5 ms
pragma: no-cache
last-modified: Sat, 24 Sep 2022 17:05:31 GMT
server: jag
etag: 3573311281532993536-4619934997457300433
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Thu, 22 Sep 2022 17:05:31 GMT

GET
H2

200

/
www.google.com.au/pagead/1p-conversion/842662438/ Frame 97B0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/842662438/?random=1203540181&cv=9&fst=1663952730618&num=1&label=Uj4dCI_J9NgBEKaE6JED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
https://www.google.com/pagead/1p-conversion/842662438/?random=1203540181&cv=9&fst=1663952730618&num=1&label=Uj4dCI_J9NgBEKaE6JED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
https://www.google.com.au/pagead/1p-conversion/842662438/?random=1203540181&cv=9&fst=1663952730618&num=1&label=Uj4dCI_J9NgBEKaE6JED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...

42 B
108 B

186ms
186ms

Image
image/gif

74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-conversion/842662438/?random=1203540181&cv=9&fst=1663952730618&num=1&label=Uj4dCI_J9NgBEKaE6JED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&auid=2037797122.1663952730&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExLMW1RWVFsdExBM3RLcnk2Mk5BUkltQURSbS10X3pRcWcwTW5sLTY5cjRMLTdGZ3FFa0dxWUxvVTB1aDVWU283bE5Ha2dtbzZnGlhDaEFJOExLMW1RWVExUHlnamJ5Vms3NG9FaTRBNXNoSERCSXpUczd3Y2RYTmM3S1BHRUZ2eU5NZEhuRDVQZEJzSHFqNThwZk03ekJiZ0MzQzJsb1N0ME50&is_vtc=1&ocp_id=W-ctY7lNxeeu2g-ZsbyoBQ&cid=CAQSKQCsnQUxXJCL9sNGwN-ua8AH9GJqXyt6cDya0mhHXuIh52KNDLtTzlTq&random=962478809&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hAI-f113yww4_P0U4v05sBEcjw843FFX0LxuzlMCfFO1WB_nxdSaKw0SX1W2kAlRGmM1ev0JsYIG1_QuyKPs3k-

Requested by

Protocol

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:31 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.com.au/pagead/1p-conversion/842662438/?random=1203540181&cv=9&fst=1663952730618&num=1&label=Uj4dCI_J9NgBEKaE6JED&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&ig=1&data=event%3Dconversion&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&auid=2037797122.1663952730&gtm_ee=1&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek9DaEVJOExLMW1RWVFsdExBM3RLcnk2Mk5BUkltQURSbS10X3pRcWcwTW5sLTY5cjRMLTdGZ3FFa0dxWUxvVTB1aDVWU283bE5Ha2dtbzZnGlhDaEFJOExLMW1RWVExUHlnamJ5Vms3NG9FaTRBNXNoSERCSXpUczd3Y2RYTmM3S1BHRUZ2eU5NZEhuRDVQZEJzSHFqNThwZk03ekJiZ0MzQzJsb1N0ME50&is_vtc=1&ocp_id=W-ctY7lNxeeu2g-ZsbyoBQ&cid=CAQSKQCsnQUxXJCL9sNGwN-ua8AH9GJqXyt6cDya0mhHXuIh52KNDLtTzlTq&random=962478809&resp=GooglemKTybQhCsO&ipr=y&prhg=0&ezwbk=AZuM4hAI-f113yww4_P0U4v05sBEcjw843FFX0LxuzlMCfFO1WB_nxdSaKw0SX1W2kAlRGmM1ev0JsYIG1_QuyKPs3k-
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/842662438/ Frame 97B0 42 B
64 B 192ms
191ms Image
image/gif 142.251.10.104
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/842662438/?random=1663952730615&cv=9&fst=1663952400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&async=1&fmt=3&is_vtc=1&random=657054623&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.10.104 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f104.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com.au/pagead/1p-user-list/842662438/ Frame 97B0 42 B
548 B 521ms
183ms Image
image/gif 74.125.200.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/pagead/1p-user-list/842662438/?random=1663952730615&cv=9&fst=1663952400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa9l0&sendb=1&data=event%3Dgtag.config&frm=1&url=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&ref=https%3A%2F%2Fwww.geelongadvertiser.com.au%2Fsubscribe%2Fnews%2F1%2F%3FsourceCode%3DGAWEB_WRE170_a_NWL%26dest%3Dhttps%253A%252F%252Fwww.geelongadvertiser.com.au%252Ftruecrimeaustralia%252Fpolice-courts-geelong%252Fpolice-arrest-two-people-after-corio-village-shopping-centre-fight%252Fnews-story%252F7b2ee7da46bfae53f04eddd819e248e8%26memtype%3Danonymous%26mode%3Dpremium%26offerset%3Dga_truecrime_premium&async=1&fmt=3&is_vtc=1&random=657054623&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sa-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.geelongadvertiser.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Sep 2022 17:05:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/13/2970e277

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/aXHkEKIDVd/_e/DE4odUOX/EbiOVQGS/RV89Lg/dl/1McDhLIVMB

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/13/2970e277

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/aXHkEKIDVd/_e/DE4odUOX/EbiOVQGS/RV89Lg/dl/1McDhLIVMB

Verdicts & Comments Add Verdict or Comment

171 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

81 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.geelongadvertiser.com.au/truecrimeaustralia/police-courts-geelong/police-arrest-two-people-after-corio-village-shopping-centre-fight/news-story	1970-01-20 14:58:08	Name: nk Value: af14d75f5b9d18a1c3f8f3595ca39ffc
.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: n_regis Value: 123456789
.news.com.au/	1970-01-20 15:48:32	Name: nk Value: af14d75f5b9d18a1c3f8f3595ca39ffc
www.geelongadvertiser.com.au/	1970-01-20 06:22:37	Name: AWSALB Value: NAmnM3NI7G7ByBWnei/EmEvWoPd/tsBMe3oa01yhRDbz1pIhQspl8IQcKC5VWqd9eiqcRfiVvU1dFKjPnlLw6X85rCXgCNmtPa7YOViccWv9HFbGS8cWARLoIcQh
www.geelongadvertiser.com.au/	1970-01-20 06:22:37	Name: AWSALBCORS Value: NAmnM3NI7G7ByBWnei/EmEvWoPd/tsBMe3oa01yhRDbz1pIhQspl8IQcKC5VWqd9eiqcRfiVvU1dFKjPnlLw6X85rCXgCNmtPa7YOViccWv9HFbGS8cWARLoIcQh
.geelongadvertiser.com.au/	1970-01-20 15:48:32	Name: nk Value: af14d75f5b9d18a1c3f8f3595ca39ffc
.geelongadvertiser.com.au/	1970-01-20 15:48:32	Name: nk_debug Value: nk_not_set
.geelongadvertiser.com.au/	1970-01-20 15:48:32	Name: nk_ts Value: 1663952719
.geelongadvertiser.com.au/	1970-01-20 10:31:44	Name: optimizelyEndUserId Value: oeu1663952722349r0.981423949499383
login.newscorpaustralia.com/	1970-01-20 14:58:30	Name: did Value: s%3Av0%3Aea044bd0-3b61-11ed-af86-edefe11a6ea7.XdIHXTLHcgZ9R%2FI%2FxBFVr9Y%2Bif8DCNwYx9FwKqw6yqU
.demdex.net/	1970-01-20 10:31:44	Name: demdex Value: 89173939531797161011850250924033298236
.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg Value: 1
.geelongadvertiser.com.au/	1970-01-20 14:58:08	Name: utag_main Value: v_id:01836b4fa5800010f7ac3dd79f8403074016306c00b08$_sn:1$_se:1$_ss:1$_st:1663954525377$ses_id:1663952725377%3Bexp-session$_pn:1%3Bexp-session
.everesttech.net/	1970-01-20 14:58:08	Name: everest_g_v2 Value: g_surferid~Yy3nVQAAAE8A7gN7
.dpm.demdex.net/	1970-01-20 10:31:44	Name: dpm Value: 89173939531797161011850250924033298236
.google.com/	1970-01-20 10:36:03	Name: NID Value: 511=iPjCPvzuUweOHv89-NfUAXSCUS9NttPkLv8mmFs2qMXdATs1T_6oitvf5g1JhlxcRUkWpcuHhWvU-IqESMU6bgW7xN8MHSble9uuI-zBqsspqd7-FJdCMMtwxmjmNFF7YSSwR-l1stHNEAlk1r5UqRQLdT0osNJd17iBxu5x0LI
.adnxs.com/	1970-01-20 08:22:08	Name: uuid2 Value: 8448983277026331092
.adsrvr.org/	1970-01-20 14:58:08	Name: TDID Value: cb51f9a2-abab-470b-af8b-e2ddfa2619f5
.turn.com/	1970-01-20 10:31:44	Name: uid Value: 8729284472680427041
.geelongadvertiser.com.au/	1970-01-20 06:12:34	Name: _ncg_sp_ses.a59a Value: *
.rubiconproject.com/	1970-01-20 14:58:08	Name: khaos Value: L8EQHOW3-4-3D66
.geelongadvertiser.com.au/	1970-01-20 06:12:34	Name: s_gdslv_s Value: First%20Visit
.geelongadvertiser.com.au/	1970-01-20 06:12:34	Name: s_ppn Value: ga%7Csops%7Cshopfront%7Cbreach%2Bshopfront
.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: tp Value: 3033
.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: ga%257Csops%257Cshopfront%257Cbreach%2Bshopfront%2C40%2C40%2C1200
.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: s_cc Value: true
.geelongadvertiser.com.au/	1970-01-20 15:48:32	Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: 77933605%7CMCIDTS%7C19259%7CMCMID%7C89195195664829714231848134108232064550%7CMCAAMLH-1664557526%7C3%7CMCAAMB-1664557526%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1663959926s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19266%7CMCCIDH%7C46984236%7CvVersion%7C4.5.1
.casalemedia.com/	1970-01-20 14:58:08	Name: CMID Value: Yy3nVphUhT5XhhjSESdSsQAA
.casalemedia.com/	1970-01-20 08:22:08	Name: CMPS Value: 4724
.casalemedia.com/	1970-01-20 08:22:08	Name: CMPRO Value: 4724
.geelongadvertiser.com.au/	1970-01-20 06:55:44	Name: nc_aam_segs Value: asgmnt%3D16675898
.geelongadvertiser.com.au/	1970-01-20 06:55:44	Name: aam_uuid Value: 89173939531797161011850250924033298236
.doubleclick.net/	1970-01-20 15:48:32	Name: IDE Value: AHWqTUkW2Jm9zc-TRDtVFd6FWUx2gxq_oQEsbS26AHRYZrAK7NqKGOf50OLfRf5YiwE
.geelongadvertiser.com.au/	1970-01-20 15:34:08	Name: __gads Value: ID=ec4dc0b4f261195f:T=1663952727:S=ALNI_MbU5u0Pw75Xbwn1DGTVEi5y-xOdFQ
.geelongadvertiser.com.au/	1970-01-20 15:34:08	Name: __gpi Value: UID=000009d954fdeec5:T=1663952727:RT=1663952727:S=ALNI_MYcpAn61mjZXUT6y7oot3SY64K99g
.eyeota.net/	1970-01-20 14:58:08	Name: mako_uid Value: 1836b4faceb-3462000001084579
.eyeota.net/	1970-01-20 06:12:33	Name: SERVERID Value: 17785~DM
m.stripe.com/	1970-01-20 15:48:32	Name: m Value: fa3535d4-7424-4fdf-8834-bb4066af2796dac9cc
.www.geelongadvertiser.com.au/	1970-01-20 14:58:08	Name: __stripe_mid Value: 81c51889-d9eb-4ea7-a840-694a75ded986066465
.www.geelongadvertiser.com.au/	1970-01-20 06:12:34	Name: __stripe_sid Value: cd2f2252-356c-47f5-b1ac-77e7c0a2803279502b
.scanscout.com/	1970-01-20 14:58:08	Name: uid Value: CI-8db65a0dca16c5f6ff9f8024ff46c3f6
.scanscout.com/	1970-01-20 14:58:08	Name: UIAA Value: 89173939531797161011850250924033298236
.scanscout.com/	1970-01-20 14:58:08	Name: UIXX_UPDT Value: "UIAA=1663952727333"
.demdex.net/	1970-01-20 10:31:44	Name: dextp Value: 358-1-1663952725798\|470-1-1663952725899\|481-1-1663952726000\|771-1-1663952726101\|903-1-1663952726202\|19566-1-1663952726303\|23728-1-1663952726439\|30432-1-1663952726541\|30064-1-1663952726649\|66757-1-1663952726750\|134096-1-1663952726851\|144230-1-1663952726952\|144231-1-1663952727053\|144232-1-1663952727153\|144233-1-1663952727254\|144234-1-1663952727357\|144235-1-1663952727458\|144236-1-1663952727559\|144237-1-1663952727660\|147592-1-1663952727765\|461447-1-1663952727871
.openx.net/	1970-01-20 14:58:08	Name: i Value: f9f7dbd5-aff3-4381-9f51-7687cdf027c1\|1663952727
.pubmatic.com/	1970-01-20 08:22:08	Name: KRTBCOOKIE_218 Value: 4056-Yy3nVQAAAE8A7gN7&KRTB&22978-Yy3nVQAAAE8A7gN7&KRTB&23194-Yy3nVQAAAE8A7gN7&KRTB&23209-Yy3nVQAAAE8A7gN7
.geelongadvertiser.com.au/	1970-01-20 10:31:44	Name: nol_fpid Value: 2znwnpxtybz1xgconh2c0l4gbcx6k1663952728\|1663952728086\|1663952728086\|1663952728086
.dotmetrics.net/	1970-01-20 14:58:08	Name: DotMetrics.DeviceKey Value: DeviceID=
.dotmetrics.net/	1970-01-20 14:58:08	Name: DotMetrics.UniqueUserIdentityCookie Value: UserID=1f34a759-f972-4dca-a798-40febd4f2ab0&Created=09/23/2022 17:05:28&UserMode=0&guid=20f4fa14-df2e-470a-af50-37868164bdef&ver=1
.spotxchange.com/	1970-01-20 06:52:51	Name: audience Value: ec6d010d-3b61-11ed-85a1-17819dd40207
.geelongadvertiser.com.au/	1970-01-20 08:22:08	Name: _fbp Value: fb.2.1663952728389.16549708
www.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: DM_SitId1563 Value: true
www.geelongadvertiser.com.au/	1969-12-31 23:59:59	Name: DM_SitId1563SecId13075 Value: true
www.geelongadvertiser.com.au/	1970-01-20 06:12:34	Name: DM_SitIdT1563 Value: true
www.geelongadvertiser.com.au/	1970-01-20 06:12:34	Name: DM_SitId1563SecIdT13075 Value: true
.geelongadvertiser.com.au/	1970-01-20 15:48:32	Name: _ncg_sp_id.a59a Value: fce980c6-cb40-4f0b-9293-f9c5eb4e7b56.1663952727.1.1663952729.1663952727.b2481e9c-a1c9-4ab7-8791-305b2db301b0
.newscgp.com/	1970-01-20 14:58:08	Name: sp Value: 0294521b-6cfa-4bfa-96a1-981b750cb9da
.krxd.net/	1970-01-20 10:31:44	Name: _kuid_ Value: PGLap0eU
.imrworldwide.com/	1970-01-20 15:34:08	Name: IMRID Value: ecb513f0-3b61-11ed-a2e6-bfab1a65fa29
au-script.dotmetrics.net/	1970-01-20 06:22:37	Name: AWSALBCORS Value: DSKY/tFiasfvFlM8Hf+s3akug8UEwSUmK2lUc046fmtPy2SpSQ3qQYhDgP7Ccx19A8GefepsE6QOltnure3W3SknxM3NU36omze7OgeiZ1eyuSjAopfIFi+hNrRh
bs.serving-sys.com/	1969-12-31 23:59:59	Name: OT_6630 Value: 1
.serving-sys.com/	1970-01-20 08:22:08	Name: ActivityInfo2 Value: 004tSSC930_00452zC930_
.serving-sys.com/	1970-01-20 08:22:08	Name: OT2 Value: 0001DC1rfh
.serving-sys.com/	1970-01-20 08:22:08	Name: u2 Value: 042a9a62-15db-4f56-bfc4-c5bedc2e3f3c4IW050
.mookie1.com/	1970-01-20 15:41:20	Name: id Value: 10524349381991850429
.mookie1.com/	1970-01-20 15:41:20	Name: mdata Value: 1\|10524349381991850429\|1663952729588
.mookie1.com/	1970-01-20 15:41:20	Name: ov Value: fd25800792da46555a86673d51aa3fba
.rubiconproject.com/	1970-01-20 14:58:08	Name: audit Value: 1\|dubJPUgjdLsyB1eUV4TkfuxNZRb98fcoPSFraX4ECTNNDY5C4h7Kr8mJhDXAhWCKAOLbgkVsIGTyUhTWCqUS/Lu8MdjV0SuEA7G8uRMM4SvJGZ8ybLN6t5AgyBVK9M4AEAW/jm+M1idnBBJhMZ2TKVfMX7YoHIhjoxw3IrM1QdF01qAbJMnMkX2NFdeBSG8D5IYzazhYCkuma+WVcS1g3g==
.geelongadvertiser.com.au/	1970-01-20 08:22:08	Name: _gcl_au Value: 1.1.2037797122.1663952730
.analytics.yahoo.com/	1970-01-20 14:58:08	Name: IDSYNC Value: 1769~27bt
.yahoo.com/	1970-01-20 14:58:30	Name: A3 Value: d=AQABBFnnLWMCEP0mtGE0a4BLvmWW0rCmmXcFEgEBAQE4L2M3YwAAAAAA_eMAAA&S=AQAAAlKZvUB5NWf71_rX0n_qtPQ
.adnxs.com/	1970-01-20 08:22:08	Name: anj Value: dTM7k!M4/YEVNsVF']wIg2GU(rjbcD!fDuh#MUU_pPi_y0/m2EAd]FFCozKpaF)nX)l8HI?jWhV?@OI!AXTO:4=sB!>_u'FAJ<
.casalemedia.com/	1970-01-20 08:22:08	Name: CMTS Value: 4698
.geelongadvertiser.com.au/	1970-01-20 06:55:44	Name: s_nr30 Value: 1663952731016-New
.geelongadvertiser.com.au/	1970-01-20 15:48:32	Name: s_gdslv Value: 1663952731017
.pubmatic.com/	1970-01-20 08:22:08	Name: KRTBCOOKIE_377 Value: 6810-cb51f9a2-abab-470b-af8b-e2ddfa2619f5&KRTB&22918-cb51f9a2-abab-470b-af8b-e2ddfa2619f5&KRTB&23031-cb51f9a2-abab-470b-af8b-e2ddfa2619f5
.pubmatic.com/	1970-01-20 06:55:44	Name: PugT Value: 1663952730
.bidswitch.net/	1970-01-20 14:58:08	Name: tuuid_lu Value: 1663952731
.bidswitch.net/	1970-01-20 14:58:08	Name: tuuid Value: 80f99584-a15c-4cc7-8efa-2529d0df0637
.bidswitch.net/	1970-01-20 14:58:08	Name: c Value: 1663952731
.adsrvr.org/	1970-01-20 14:58:08	Name: TDCPM Value: CAESEgoDYWFtEgsIqrD__vrjjjsQBRIZCgpyaWdodG1lZGlhEgsIhPCEm_vjjjsQBRIWCgdydWJpY29uEgsI6MyhnPvjjjsQBRIVCgZnb29nbGUSCwis95Oh--OOOxAFEhUKBmNhc2FsZRILCKz3k6H74447EAUSGAoJYmlkc3dpdGNoEgsI8NSIo_vjjjsQBRIXCghwdWJtYXRpYxILCPDUiKP74447EAUYBSACKAMyCwjwzIvQkeSOOxAFQg8iDQgBEgkKBXRpZXIyEAFaB3ZyZ2VzNm5gAQ..

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: [Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self' https://pay.google.com".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://login.newscorpaustralia.com/csp-reports Message: Failed to load resource: the server responded with a status of 403 ()
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID Message: Failed to load resource: the server responded with a status of 500 ()
security	error	Message: [Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
security	error	Message: [Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
network	error	URL: https://login.newscorpaustralia.com/csp-reports Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=cb51f9a2-abab-470b-af8b-e2ddfa2619f5&gdpr=0&gdpr_consent=&expires=30&next=https%3A%2F%2Fmatch.adsrvr.org%2Ftrack%2Fcmf%2Frubicon Message: Failed to load resource: the server responded with a status of 422 (Unprocessable Entity)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8228261.fls.doubleclick.net
a20352597942.cdn.optimizely.com
acdn.adnxs.com
adservice.google.com
adservice.google.com.au
au-gmtdmp.mookie1.com
au-script.dotmetrics.net
au.audience.newscgp.com
au.pixel.newscgp.com
au.tags.newscgp.com
beacon.krxd.net
bs.serving-sys.com
c1e793a1500f6f593bf682a40481b742.safeframe.googlesyndication.com
cdn-gl.imrworldwide.com
cdn.optimizely.com
click.e.geelongadvertiser.com.au
cm.everesttech.net
cm.g.doubleclick.net
commerceapi.news.com.au
connect.facebook.net
content.api.news
d.turn.com
d3273622690172371738-t8729284472680427041.id.amgdgt.com
dpm.demdex.net
dsf.newscorpaustralia.com
dsum-sec.casalemedia.com
dt.scanscout.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
image5.pubmatic.com
insight.adsrvr.org
irf9txootzmfmmafcw6jhsra4faf01663952728.nuid.imrworldwide.com
js.adsrvr.org
js.stripe.com
lm.serving-sys.com
login.newscorpaustralia.com
logx.optimizely.com
m.stripe.com
m.stripe.network
match.adsrvr.org
metrics.geelongadvertiser.com.au
ncg.tags.news.com.au
news.google.com
newscorpau.demdex.net
newscorpau.sc.omtrdc.net
pagead2.googlesyndication.com
pay.google.com
pixel.rubiconproject.com
pixel.wp.com
play.google.com
ps.eyeota.net
q.stripe.com
r.stripe.com
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum.casalemedia.com
stats.wp.com
subscriptions.geelongadvertiser.com.au
subscriptions.news.com.au
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.geelongadvertiser.com.au
www.google-analytics.com
www.google.com
www.google.com.au
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
login.newscorpaustralia.com
103.231.98.194
103.71.26.125
104.18.18.126
104.18.19.126
104.254.151.120
104.254.151.69
104.69.149.41
104.71.48.190
104.71.48.207
104.83.196.116
104.83.196.200
104.83.196.208
13.111.42.176
13.210.135.68
13.215.111.251
13.224.250.112
13.224.250.2
13.224.250.29
13.224.250.85
142.250.4.100
142.250.4.92
142.251.10.104
142.251.10.149
142.251.10.156
142.251.10.94
142.251.10.97
142.251.12.100
142.251.12.132
142.251.12.138
142.251.12.156
151.101.128.176
151.101.130.49
151.101.65.108
151.101.65.44
157.240.7.26
157.240.7.35
172.217.194.156
18.139.197.60
18.140.27.177
18.155.68.45
18.155.68.87
192.0.66.58
192.0.76.3
199.127.207.180
23.199.136.8
23.207.37.206
3.1.114.116
3.126.61.30
34.210.169.61
35.174.143.220
35.213.12.39
35.227.202.26
35.244.159.8
35.71.131.137
42.99.140.160
50.116.239.135
50.116.239.150
52.221.36.185
52.74.162.2
52.77.12.90
52.84.228.218
54.148.34.38
54.187.119.242
54.187.159.182
54.192.150.112
54.192.150.97
54.82.104.152
63.140.48.135
63.140.48.177
67.199.150.86
69.173.158.64
74.118.186.44
74.125.200.154
74.125.200.94
74.125.24.156
74.125.68.156
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
024a435dcde1fb6677eb40f9dad2563e398d1b4725d423e9970e354c5de599ef
07cd79c362ffa4d5954d8528a57b9f960aa15bbc4be24baeb73ef117ea6e1cd5
09522073c5b65206a3115d5cd52bb393ad0915bb1c7b5d6455c14bca8e21f99f
0a321171fcfb6e24148bc777ab4cb5f9bc5b72ce93f5e64c8f35c75c0024ee7a
0b3376aa27741ca90899fed12bcccbf1ea22edb596846ba6b26e263463686590
0b3df96e89adc582f002f9566aff43edf002b15e1181779306da68e60a823391
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0fc8a6e495e7cd447608aea7e0cd59b0e79bd4e74822d428c53880ac0db6c469
127ee217132b3ce17c570a754d44573157e26cb5dc28a09cc6dab18eb6e3b01d
149fc725698121ad80649bd3cbae47790208ad23eb6ea345d260ef9c1431f654
14ec3652d79b8821f210025646a6ced247974b7dd2c5c343c3ef2872ccfd6013
16c04ef87b0e9fc4bc5f85f34aad3ea546b78f0521e00bf2318f81e7a6639a87
176a4d7346001286ad894be3cc341bd466f932e48f947c14deddd5ce422ac519
1942eb78035d8acf516783864ed94da8348fd7424555584117d29f5d10088d35
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1bc3625c4e923d79a85677113b548e5444129ead716d43e10e2a6e9d56939143
1e119e9797d74ca45555e33fabec6cba1a2c70c0e0e0960d48495cda61572b08
1edfc18b553353ded6c3c93cb4ecc146d8237545c675ba362501b8cd0533634a
20f49f0db7532ac0db43a8e565d818845e15162ff2d73d0ef03b6d787dfb4430
21f20f84cde9b9bb5d03446360d1909696d9e346bd970e8306a3d0565a82fc82
23d94b3877e873dff9124312f3627f15071fe84a751d32c6e76b4c693ce8a9b9
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
272f43023f19753adcf790f4c25f9735c731d26adcb6efe98053522a68b9b930
2892817176964f59ba93ecadac23067e3b8b7f2dccc243bba87cd206adf05a7c
289769da01b76f2bdb18bcf772ac90cf89861cfde526dc8ec0218a6a9b8ccb63
29bb14d12ff9ab767375aee6f4fc6c8e9462639edda07da757e5868fcc32430d
2b18e69e2b26bba597286ca0bff7398a9fcb561b84692e2a972994d597cd03d5
2d0ade31483bf44bbdbc9822066eaebf674738b370092fcfc8295e7ae3195d98
2de22d2cce6ccf2563f2b8f8ebf6840fcb0915a8fbe0d3e88a4321b8d0b6b8ea
2e2a5225787112ba7932be82a31c6d8cba4339c226cda044be0373e7a1d7000e
2f7fd72d7b53a6c582d8d7d139e813eeeacba5f8dadd49c7c677c5b8dc9d1ede
347ee8135c8c05cd58a07015f7b73a103061a1d6a2d7b2991059eba32eb91f6f
369b0ad32cb6966ef124ab33c4187f851c987e29d5c21d7d3aa47a140ab18429
36e299f45673885e6b5d62d38c3b76d863aa2a0b511a2c1327359273380703a0
37af54874d102f59838ab28c7294c8efd46b1b2f56fe981f3f354cae3a5484e7
388d1df3fdfee665c3bc7d059e42500524e8f180febba13620847ec8b836fd33
3a12cd2061c21c0041d63028abb671b7227b2cbcbac54ee7e93430f5daa6f5b6
3c32514fadd676a017f3c95640113fd543829bba6f00b91c5b74890bb933787d
3d9485951bf56456afeab1b1f542cbac2f28baa83501b86994c7cadaa6f41dff
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
437243047ed330d9a1e4d159689b3a60d8a87c6f6e9797f66c636fe9a831982e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45a3a17052c7aed058cc6448c77342274487616cd2754fe66b472edcf24fab0e
45a844d6787e4364f8c0ab321b2d5680d48604886d045685b6bf9c582518db9d
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
48e995c834f9cbb64904650cbb722ab0c92effb6c59cf493aa055fcc1fc0417a
4a2f1731fee4563a56f39535f498446a41f7e16654f58ae7c8fee387aaad7d55
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1a4f2c605f26bcf80a2cd8e5d48e887c2062a53cd1d993cb05250223e386a6
4fb4fc76b5ce90dfaedc02d6117746cd4afcc8dd55527f77d7c22d95be130459
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551c71f7ac1cd64bcaae0fdad7d5991e712e010f9fd2cad47af5df4c652b4bab
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56bc687b2a58d0145a7ab051dba9a1c8d64ff4bc048122726ed0960686e6d2e6
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61358fb812bad1be0aea1582e0fa65a4ab02e0c1ed79281bbccf834ea3fcb333
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6586fcb06dd096b64abb602bc66800564691569011681db3f8b0cc59083be81d
67cfc1450a8d613a54b109ff99f56644c72e86672634be26c11e6c7debcdc538
68a0b6e695a46086618ec63ed124264f0f6d7ec9b668eea2ed4e8a583a95645e
698b75b34c376b73b97acf42f0ec14f3554b420e658c4fe98d87721e4b5f7d8a
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b214604855c1eb69b60f85893074a0a075a15473729bca9cc3dde3b5d1009ce
6d422eaf41ab920c8ce99379cec61f704b1710b183c0a0523986906851e0a0ab
6e02d532255755964d5ec0312b0d9a1389afb3965f9cd7850191f68e7391d85b
704de20959867ad7e42c0e25a807e6a87daab17c4e8755cdf36fa105f6a7400f
736c2d3c83596bc17524d1a9bce892412356d62d1cf2093c3346c6a89172ed94
73a2e968573cdebeb06619be73e0eed1863d513e6ff521fe671d9379f4315eeb
7442e692879c01ba748c0983846de8c57584037307522d2bc656e311652a9383
749fd6652ec21f86b1e7d85bac51e155a9e570c9c7b93b3afdef6778c1a58b77
75839e3ea0cd949a33dc21dd8b0931f396829fea8e0e3148b576b1228f40e469
79db4d79a6e53e3aa9b5703a1156cc9accef42d4d3d31b5019d2eabf216fa751
7a15a7c250eb25e8a28fa5e020fc15d656966115577ba4f51c19274149a48e56
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7d6cb07f5836ea5b63a4b5ccf1645bb333ffbbaca64f145bad6a6e4abc6f4f1d
7ef92b289510806c5cb30ffb6afc031d276874b28e33f8afa1eba7dbfcc68ead
7f601a8f162545a5b8aa2e2d05a4fc4bd508efd9ec19c65df29f6627edcbbd4a
807e175766c2c674c6b890c69ae198694556bc155ada2e747a01aa92af772adb
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
832b084b3f2c371fd3f3f020bab83288b85c14c1185cc2ebed72bf5eb16af415
844bfb2ff3311ad9b5611b51d8c72e0c483a8ceafe7c625a5c321637f9277399
84a1b3effb0f9966d6d7d65d3de620697d259a669b9753d569a00545f8abd8fe
8640916aba1207e4fcff9c894252543689989434cd9fc0dabd4cee60b3e763a5
86e8ed098febe4691b72980ac9bb22f6370cd6fb7fd50f2fc3ca41f5a24c6ed7
87f9dd28eeec028a050aa297c049f267f5c853a542a2cc1dccbd010b50f6e855
88641804179ca6d14134f9c4ae904f672f24af374aee53e4026a2cc3bc722836
89a2c11109b088d0a1a5ec2dd0617966800807ee37422808450e24c73bc56363
89da578aaa16b9713b817c3b4dcb76703649c53e3dcc770e1ef2b1cba12c2231
89de2f207fac8289b2b0d7300b282db8347db9f3098a30662c72ced8c199971c
8ac972a09f7caaa1a2405c1ff7939e29b552d5f4f72c32886f32ce7df302344d
8c3392e876d4b5c778e0d0ae787502252e3353b59149063e1f6a1a85216cb9e5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ff331fb48dd93bc0b5b72afcc873abc11c0a97e3a2bed8b88f2e3c820aad630
9261c4d1593044f0b7105e19b4b7183f79ac9afc4c5d8038e653adfb72370d4d
94d3dc2f8019650f33f4d269cbbd70b5726efda4f2d95d7e44eefa3dde5071d4
95cc102d61755c53c91fc8a58f6dd2c802cf284e9dc6ac46dee450434f26461b
97d903384eeb1e36a168f4840a2695b53d6934bf75defb1069dc4211764307e1
99cd1477bda31cad3ee6203eca933e2be94f4f65e4e21cab8847a99333f3c39c
9aa4717548dfbefc2bab0e5b0240edcee4172bb02283c05cdcb49d35897110f2
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a25c62b74e9d4afeff082da50c9d6bf499d0334a9b34c6333ab2553e8df1038f
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d684127143e647bff803e2f6070adafdfbcf4eb8c2a683146ca67dbcc184c8
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
a6a5df45585507bf19411bd1c1b44eeabd7b4c1f4e0d0862e3d63f56f6390772
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a99069d0051c484212a1c00a967f6c8ff9d36d82f5d814fd99ca58f8997c984e
ab7227f2ae21f2daf452863dfa171d2f5c902bf6f12deecd773ef6cb6e06d710
ab9d0b7a028073459133d9cebc6bfdf5e7da7b3e436a04f338f7bb49f1155aa6
ae6930a532e37f08751b8f294f5f02e79fcb2f89b893c2f2a7dd6b817d6d09b1
af323e9d24abded64a2063999cb90b9d638e333e16b820e1efa721a9b3195a01
b07f5a1999429f79826a2454193403d52131db0eab4dfbd79a38b8d980808ed3
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2b147d28d20803331bc8aeadf47a991a48666df569abc2aff53da953acb5361
b7e9fa1a862f8d102151ea915efdb826875e8be0005856daedf415ffe6b2bbd5
b901896774ff2a65d437a130496520ecad3e41c58258be519c8059a0196518c6
ba2338aa6670580269c762f51c4291daef913201aa8f4d4fd166c1a878262652
ba3a9f8793c57a357f1f6c5ca68d73059e6c3b0ee8974e7b06819afd077367b6
bde06a0400c168573473e2de967d842eec383f2f755aef4ec017b2f333e7ff85
c0c133d23ff7782ac7c5b249076893ac92867f52121773ccb31894098cc57d92
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c261147bf4256326fe74979596ca8fb13dae170d9b7586b1edbf7f0bb2fe9cf6
c33c60d014227b42c513820e6d750cced736cda305beb7d6a20e35afe502648c
c3efea0e4aff2cd8ccdcf7cc364c7ec0348b35d540dc95ad51b3aa6d50297635
c853664140e6ba15f2e1e5800cf192893a81e742044e27df50fa3d5c4d357cd2
ca12dd093752cabfb42beabcf2bbaaab9bb037d28493b38b1d57e160a205dc15
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
ccda4fea5d95b6e07fadfff761f20fd106531b7f780fe470aa565f4c365301d7
ce0521f284da500d2370fa55cb67572b396580e84c0a5a5c3a9513c1928ee665
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d4a2fce65d2d504b230a33f50280f034564461cdf46d929ef540790208f8df47
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
decb034877da19aeeff8d72d02419e8637869d680408e609e35b1adb58ae5b38
dfad6d1cecf7337dcd922f1fab22a655d9e28aedddebb6d8ef5c07c8c277009b
e040dafbba27341d432638041fef9d6696745285ad9660674c1e0bc7e33b808e
e2a8f1b05098bc31a30434c2044e85d66ba0fd5fe17ad7be5df9ba4fd5682a0b
e30565d344697a80f05882c11755c6d6a71626791bbc124df343b5edc7901312
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e70bd440c10e5906797794cb77fa09cede63306250588bce7ed75f466b41884d
ea23e44dc65abbc96dc139c145b1402a4e49921975f38c20198c88942c7c2cb3
eb9238478e06de700052e21de7855286b1541fa73ca3ae4b1bc75131f8bebff2
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
eee4b740fa1ca55446b70cfbdc4ce54b00362f9ccd61c3db2c5f6fe432c340ad
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f033d6a9b4acc24957ac5ca92d278b9aca16ec1b264658ae3267b1efa6ef4a5e
f2222532e695e0cbb2fdd15de28966772d2ee7e142fcbcb999e4a21c7e925413
f2696e8eb9d876987998374c51e4d14a24f6f24a23fe697493ebf761c3bcc4b9
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083
f6b79bfd9363ba4f751ad41230d958bbe7d2536386e57cbf3270c01aefbb09da
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
fe73f1fd4b06562be19aaeccf8ffeb47aa50dbc383d2e7e0a103ece055aea89c
fee943a9dad82106a8ac253ed19352785e2db488595759bfb36e8951bc300dd3

www.geelongadvertiser.com.au Open in urlscan Pro 104.83.196.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

275 Requests

90 %HTTPS

0 %IPv6

44 Domains

85 Subdomains

65 IPs

9 Countries

3656 kBTransfer

10737 kBSize

81 Cookies

14 Outgoing links

Page URL History

Redirected requests

275 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.geelongadvertiser.com.au Open in urlscan Pro
104.83.196.116 Public Scan

Screenshot
Live screenshot

Full Image

275
Requests

90 %
HTTPS

0 %
IPv6

44
Domains

85
Subdomains

65
IPs

9
Countries

3656 kB
Transfer

10737 kB
Size

81
Cookies

275 HTTP transactions
3 data transactions