www.plusrewards.com.au Open in urlscan Pro
172.67.68.104 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.plusrewards.com.au/dailytelegraph
Submission: On June 08 via api (June 8th 2023, 8:01:14 pm UTC) from US — Scanned from AU

Summary HTTP 110 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 43 IPs in 3 countries across 34 domains to perform 110 HTTP transactions. The main IP is 172.67.68.104, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.plusrewards.com.au.
TLS certificate: Issued by GTS CA 1P5 on April 16th 2023. Valid for: 3 months.

This is the only time www.plusrewards.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	172.67.68.104 172.67.68.104	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	74.125.203.95 74.125.203.95	15169 (GOOGLE) (GOOGLE)
2	96.17.72.59 96.17.72.59	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.66.217 151.101.66.217	54113 (FASTLY) (FASTLY)
2	52.84.251.5 52.84.251.5	16509 (AMAZON-02) (AMAZON-02)
2	157.240.235.1 157.240.235.1	32934 (FACEBOOK) (FACEBOOK)
2	64.233.188.94 64.233.188.94	15169 (GOOGLE) (GOOGLE)
7	23.207.180.192 23.207.180.192	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.207.180.112 23.207.180.112	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.76.199.21 52.76.199.21	16509 (AMAZON-02) (AMAZON-02)
3	157.240.235.35 157.240.235.35	32934 (FACEBOOK) (FACEBOOK)
4	142.251.8.155 142.251.8.155	15169 (GOOGLE) (GOOGLE)
1 2	74.125.204.97 74.125.204.97	15169 (GOOGLE) (GOOGLE)
2	151.101.193.175 151.101.193.175	54113 (FASTLY) (FASTLY)
2	104.69.163.134 104.69.163.134	16625 (AKAMAI-AS) (AKAMAI-AS)
3	13.224.249.23 13.224.249.23	16509 (AMAZON-02) (AMAZON-02)
1 12	52.43.205.135 52.43.205.135	16509 (AMAZON-02) (AMAZON-02)
4	54.192.150.4 54.192.150.4	16509 (AMAZON-02) (AMAZON-02)
1	64.233.188.156 64.233.188.156	15169 (GOOGLE) (GOOGLE)
1	13.224.249.127 13.224.249.127	16509 (AMAZON-02) (AMAZON-02)
1	54.148.193.151 54.148.193.151	16509 (AMAZON-02) (AMAZON-02)
2	63.140.36.117 63.140.36.117	16509 (AMAZON-02) (AMAZON-02)
1 1	54.255.42.190 54.255.42.190	16509 (AMAZON-02) (AMAZON-02)
1	74.125.23.157 74.125.23.157	15169 (GOOGLE) (GOOGLE)
1	64.233.188.154 64.233.188.154	15169 (GOOGLE) (GOOGLE)
1	74.125.204.132 74.125.204.132	15169 (GOOGLE) (GOOGLE)
2	3.1.142.54 3.1.142.54	16509 (AMAZON-02) (AMAZON-02)
1	54.192.150.79 54.192.150.79	16509 (AMAZON-02) (AMAZON-02)
2 3	104.254.151.68 104.254.151.68	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	50.116.239.135 50.116.239.135	6336 (TURN-US-ASN) (TURN-US-ASN)
2	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	142.250.157.155 142.250.157.155	15169 (GOOGLE) (GOOGLE)
2 2	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	23.207.180.199 23.207.180.199	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	139.5.84.243 139.5.84.243	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	199.127.207.188 199.127.207.188	26120 (RHYTHMONE) (RHYTHMONE)
2 2	18.141.109.184 18.141.109.184	16509 (AMAZON-02) (AMAZON-02)
1 1	52.3.183.164 52.3.183.164	14618 (AMAZON-AES) (AMAZON-AES)
1	44.226.10.111 44.226.10.111	16509 (AMAZON-02) (AMAZON-02)
1 1	104.69.166.9 104.69.166.9	16625 (AKAMAI-AS) (AKAMAI-AS)
10 10	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1 2	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	207.65.33.82 207.65.33.82	() ()
1 2	103.71.26.125 103.71.26.125	() ()
1	151.101.129.44 151.101.129.44	() ()
1	74.118.186.107 74.118.186.107	() ()
4	74.125.204.155 74.125.204.155	15169 (GOOGLE) (GOOGLE)
1	35.241.45.82 35.241.45.82	15169 (GOOGLE) (GOOGLE)
3	142.251.8.132 142.251.8.132	() ()
1	64.233.188.147 64.233.188.147	() ()
110	43

25 172.67.68.104 (United States)

ASN13335 (CLOUDFLARENET, US)

www.plusrewards.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.203.95 (United States)

ASN15169 (GOOGLE, US)
PTR: th-in-f95.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 96.17.72.59 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a96-17-72-59.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.66.217 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.84.251.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-5.sin5.r.cloudfront.net

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.235.1 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-04-sin6.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.233.188.94 (United States)

ASN15169 (GOOGLE, US)
PTR: tk-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 23.207.180.192 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-192.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.207.180.112 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-112.deploy.static.akamaitechnologies.com

www.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.76.199.21 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-199-21.ap-southeast-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.235.35 (Singapore)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-04-sin6.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.8.155 (United States)

ASN15169 (GOOGLE, US)
PTR: tb-in-f155.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.204.97 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ti-in-f97.1e100.net

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.175 (United States)

ASN54113 (FASTLY, US)

nebula-cdn.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.69.163.134 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-163-134.deploy.static.akamaitechnologies.com

login.newscorpaustralia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.249.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-23.sin52.r.cloudfront.net

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.43.205.135 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-43-205-135.us-west-2.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.192.150.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-4.sin2.r.cloudfront.net

au-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.188.156 (United States)

ASN15169 (GOOGLE, US)
PTR: tk-in-f156.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.249.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-249-127.sin52.r.cloudfront.net

rm-script.dotmetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.148.193.151 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-148-193-151.us-west-2.compute.amazonaws.com

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.36.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-36-117.data.adobedc.net

metrics.plusrewards.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.255.42.190 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-255-42-190.ap-southeast-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.23.157 (United States)

ASN15169 (GOOGLE, US)
PTR: tg-in-f157.1e100.net

adservice.google.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.188.154 (United States)

ASN15169 (GOOGLE, US)
PTR: tk-in-f154.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.204.132 (United States)

ASN15169 (GOOGLE, US)
PTR: ti-in-f132.1e100.net

c7a3125055c42a03760cef51381defae.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.1.142.54 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-1-142-54.ap-southeast-1.compute.amazonaws.com

secure-sdk.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.150.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-79.sin2.r.cloudfront.net

cd1oe6ruqkk8ctmtgkjoxcqbjjcum1686254459.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.254.151.68 (Los Angeles, United States) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.116.239.135 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.157.155 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ta-in-f155.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.71.131.137 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.207.180.199 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-207-180-199.deploy.static.akamaitechnologies.com

image5.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 139.5.84.243 (Canada) 3 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.188 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.141.109.184 (Singapore) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-109-184.ap-southeast-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.183.164 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-183-164.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.226.10.111 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-226-10-111.us-west-2.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.69.166.9 (Singapore) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-166-9.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.66.49 (United States) 10 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 207.65.33.82 (None, )

ASN- ()

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.71.26.125 (None, ) 1 redirects

ASN- ()

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.44 (None, )

ASN- ()

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.118.186.107 (None, )

ASN- ()

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.204.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ti-in-f155.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.82 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 82.45.241.35.bc.googleusercontent.com

udc-neb.kampyle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.251.8.132 (None, )

ASN- ()

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.188.147 (None, )

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	plusrewards.com.au www.plusrewards.com.au metrics.plusrewards.com.au	4 MB
13	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 219 newscorpau.demdex.net — Cisco Umbrella Rank: 114706	17 KB
11	everesttech.net 11 redirects cm.everesttech.net — Cisco Umbrella Rank: 1108 sync-tm.everesttech.net — Cisco Umbrella Rank: 748	2 KB
8	googlesyndication.com c7a3125055c42a03760cef51381defae.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127 tpc.googlesyndication.com	41 KB
8	news.com.au tags.news.com.au — Cisco Umbrella Rank: 53518 www.news.com.au — Cisco Umbrella Rank: 71559	200 KB
7	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218 stats.g.doubleclick.net — Cisco Umbrella Rank: 121 cm.g.doubleclick.net — Cisco Umbrella Rank: 248	152 KB
6	imrworldwide.com cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 3160 secure-sdk.imrworldwide.com — Cisco Umbrella Rank: 7628 cd1oe6ruqkk8ctmtgkjoxcqbjjcum1686254459.nuid.imrworldwide.com	68 KB
5	dotmetrics.net au-script.dotmetrics.net — Cisco Umbrella Rank: 51838 rm-script.dotmetrics.net — Cisco Umbrella Rank: 5437	21 KB
4	casalemedia.com 3 redirects ssum.casalemedia.com — Cisco Umbrella Rank: 1360 dsum-sec.casalemedia.com	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
3	kampyle.com nebula-cdn.kampyle.com — Cisco Umbrella Rank: 4570 udc-neb.kampyle.com — Cisco Umbrella Rank: 2142	90 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 102	1 KB
3	serving-sys.com secure-ds.serving-sys.com — Cisco Umbrella Rank: 2272 bs.serving-sys.com — Cisco Umbrella Rank: 1340	24 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net — Cisco Umbrella Rank: 491	500 B
2	krxd.net 1 redirects usermatch.krxd.net — Cisco Umbrella Rank: 1593 beacon.krxd.net — Cisco Umbrella Rank: 649	528 B
2	eyeota.net 2 redirects ps.eyeota.net — Cisco Umbrella Rank: 1118	1 KB
2	pubmatic.com image5.pubmatic.com — Cisco Umbrella Rank: 60113 image2.pubmatic.com	453 B
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 385	954 B
2	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 636 pixel.rubiconproject.com	1 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 106 www.google.com	2 KB
2	newscorpaustralia.com login.newscorpaustralia.com — Cisco Umbrella Rank: 135016	3 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 458	17 KB
2	gstatic.com fonts.gstatic.com	30 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 170	114 KB
2	tiqcdn.com tags.tiqcdn.com — Cisco Umbrella Rank: 1047	15 KB
1	1rx.io sync.1rx.io	99 B
1	taboola.com trc.taboola.com	374 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 635	569 B
1	scanscout.com 1 redirects dt.scanscout.com — Cisco Umbrella Rank: 43484	698 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1536	402 B
1	google.com.au adservice.google.com.au — Cisco Umbrella Rank: 103132	531 B
1	ravenjs.com cdn.ravenjs.com — Cisco Umbrella Rank: 8889	14 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	1 KB
110	34

	Domain	Requested by
25	www.plusrewards.com.au	www.plusrewards.com.au
12	dpm.demdex.net	1 redirects www.plusrewards.com.au cdn.ravenjs.com
10	sync-tm.everesttech.net	10 redirects
7	tags.news.com.au	tags.tiqcdn.com cdn.ravenjs.com
4	pagead2.googlesyndication.com	cdn.ravenjs.com tpc.googlesyndication.com
4	au-script.dotmetrics.net	tags.news.com.au www.plusrewards.com.au au-script.dotmetrics.net
4	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net cdn.ravenjs.com
3	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
3	ib.adnxs.com	2 redirects
3	cdn-gl.imrworldwide.com	tags.news.com.au cdn-gl.imrworldwide.com
3	www.facebook.com	www.plusrewards.com.au
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	ps.eyeota.net	2 redirects
2	ssum.casalemedia.com	2 redirects
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	1 redirects
2	secure-sdk.imrworldwide.com	www.plusrewards.com.au
2	metrics.plusrewards.com.au	cdn.ravenjs.com tags.news.com.au
2	login.newscorpaustralia.com	www.news.com.au www.plusrewards.com.au login.newscorpaustralia.com
2	nebula-cdn.kampyle.com	tags.tiqcdn.com nebula-cdn.kampyle.com
2	ssl.google-analytics.com	1 redirects tags.tiqcdn.com
2	fonts.gstatic.com	fonts.googleapis.com
2	connect.facebook.net	www.plusrewards.com.au connect.facebook.net
2	tags.tiqcdn.com	www.plusrewards.com.au tags.tiqcdn.com
2	secure-ds.serving-sys.com	www.plusrewards.com.au secure-ds.serving-sys.com
1	www.google.com	tpc.googlesyndication.com
1	udc-neb.kampyle.com
1	sync.1rx.io	www.plusrewards.com.au
1	trc.taboola.com	www.plusrewards.com.au
1	image2.pubmatic.com
1	pixel.rubiconproject.com
1	tags.bluekai.com	1 redirects
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	dt.scanscout.com	1 redirects
1	image5.pubmatic.com	www.plusrewards.com.au
1	token.rubiconproject.com	www.plusrewards.com.au
1	d.turn.com	1 redirects
1	cd1oe6ruqkk8ctmtgkjoxcqbjjcum1686254459.nuid.imrworldwide.com	www.plusrewards.com.au
1	c7a3125055c42a03760cef51381defae.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.com.au	securepubads.g.doubleclick.net
1	cm.everesttech.net	1 redirects
1	newscorpau.demdex.net	tags.news.com.au
1	rm-script.dotmetrics.net	www.plusrewards.com.au
1	stats.g.doubleclick.net	www.plusrewards.com.au
1	bs.serving-sys.com	secure-ds.serving-sys.com
1	www.news.com.au	www.plusrewards.com.au
1	cdn.ravenjs.com	www.plusrewards.com.au
1	fonts.googleapis.com	www.plusrewards.com.au
110	52

This site contains links to these domains. Also see Links.

Domain
www.dailytelegraph.com.au
preferences.news.com.au

Subject Issuer	Validity	Valid
plusrewards.com.au GTS CA 1P5	`2023-04-16` - `2023-07-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
secure-ds.serving-sys.com R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2023 Q2	`2023-06-03` - `2024-07-04`	a year	crt.sh
tags.tiqcdn.com Amazon RSA 2048 M01	`2023-04-18` - `2024-05-17`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-18` - `2023-06-16`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
news.com.au GeoTrust RSA CA 2018	`2023-01-11` - `2024-01-17`	a year	crt.sh
bs.serving-sys.com Amazon RSA 2048 M01	`2023-03-26` - `2024-04-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.kampyle.com GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-26` - `2023-12-28`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-02-03`	a year	crt.sh
*.dotmetrics.net Amazon RSA 2048 M01	`2023-03-01` - `2023-10-21`	8 months	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
metrics.plusrewards.com.au DigiCert TLS RSA SHA256 2020 CA1	`2022-06-30` - `2023-07-31`	a year	crt.sh
*.google.com.au GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon RSA 2048 M01	`2023-04-12` - `2024-05-10`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2022-06-28` - `2023-07-29`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-19` - `2023-08-11`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.plusrewards.com.au/dailytelegraph
Frame ID: E2F0446DBB157664FCD622BD78D5D2D4
Requests: 74 HTTP requests in this frame

Frame: https://login.newscorpaustralia.com/authorize?client_id=w6UcQBn6GV4T3yruKfGKaSeMdXC66oM6&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.plusrewards.com.au%2Fauth%2Fcallback&state=MbwKfXwJayIB2IMed0EclgZFX9Kk~_~h&nonce=z-IhgtZ0NudIAkwjcQkEIxw_KPxz4Lnt&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yMC4yIn0%3D
Frame ID: FAB39B9A9C569CC44EB18946C8A8D081
Requests: 5 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 3296F7D353D499CC0E74D40963CBCFEB
Requests: 22 HTTP requests in this frame

Frame: https://c7a3125055c42a03760cef51381defae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4462C24B462F943E2DDD05A3F7B107EC
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 25F4ED82316783779D25BED968AAACE9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 166D98C3B1874BD31354C9CB527B60F2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3DC46E9C28758D8CEE2EACABDDB15B8B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | +Rewards

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Page Statistics

110
Requests

78 %
HTTPS

0 %
IPv6

34
Domains

52
Subdomains

43
IPs

3
Countries

4808 kB
Transfer

8015 kB
Size

66
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dailytelegraph.com.au/
Title: Visit The Daily Telegraph

Search URL Search Domain Scan URL

URL: https://www.dailytelegraph.com.au/subscribe/news/1/?utm_medium=rewards-portal&int_source=onsite-link&int_campaign=acq_plusrewards_portal&int_content=various&sourceCode=DTWEB_LAN1113
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://preferences.news.com.au/#optout
Title: here

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1686254457277 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1686254457277

Request Chain 52

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=824659571&utmhn=www.plusrewards.com.au&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home%20%7C%20%2BRewards&utmhid=1186991900&utmr=-&utmp=%2Fdailytelegraph&utmht=1686254457871&utmac=UA-5748164-21&utmcc=__utma%3D215327702.341549740.1686254458.1686254458.1686254458.1%3B%2B__utmz%3D215327702.1686254458.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1315832872&utmredir=1&utmmt=1&utmu=qhAgAAAAAAAAAAAAAgAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5748164-21&cid=341549740.1686254458&jid=1315832872&_v=5.7.2&z=824659571

Request Chain 66

https://cm.everesttech.net/cm/dd?d_uuid=12901346719318198480518308526939798053 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZIIzfgAAAEUOagN8

Request Chain 76

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5061789209107464973

Request Chain 78

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8382666099272121344

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTI5MDEzNDY3MTkzMTgxOTg0ODA1MTgzMDg1MjY5Mzk3OTgwNTM= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEMf-eeTNXGBMutmJrSun1I&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 81

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.plusrewards.com.au&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.plusrewards.com.au&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=795ca62c-1158-48aa-bbb7-b88307218f7d

Request Chain 83

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZIIzfpt74ggyRyWVvTnCtAAA%264857

Request Chain 84

https://dt.scanscout.com/ssframework/uid?UIAA=12901346719318198480518308526939798053&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-87073e4745fb36fd1f73de58c26c9c5d

Request Chain 85

https://ps.eyeota.net/match?bid=6j5b2cv&uid=12901346719318198480518308526939798053&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=12901346719318198480518308526939798053&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 86

https://usermatch.krxd.net/um/v2?partner=adobe&id=12901346719318198480518308526939798053 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=12901346719318198480518308526939798053

Request Chain 87

https://tags.bluekai.com/site/43981?id=12901346719318198480518308526939798053&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Request Chain 88

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=ZIIzfgAAAYVnaQBR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WklJemZnQUFBWVZuYVFCUg==&_test=ZIIzfgAAAYVnaQBR

Request Chain 90

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=ZIIzfgAGFCxRKABI HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZIIzfgAGFCxRKABI&expires=90&_test=ZIIzfgAGFCxRKABI

Request Chain 91

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZIIzfgAAAEUOagN8 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZIIzfgAAAEUOagN8&C=1

Request Chain 92

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=ZIIzfgAAAEUOagN8

Request Chain 93

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZIIzfgAGFCxRKABI HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZIIzfgAGFCxRKABI

Request Chain 94

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZIIzfgAGFCxRKABI

Request Chain 95

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZIIzfgAGFCxRKABI&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZIIzfgAGFCxRKABI&img=1&__user_check__=1&sync_id=33cce126-0637-11ee-b402-12ab75a30107

Request Chain 96

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZIIzfgAGFCxRKABI&t=2592000&o=0

110 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request dailytelegraph Show response
www.plusrewards.com.au/ 308 KB
30 KB 930ms
286ms Document
text/html 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07a15df337fccae33da1feca676790dcbdfd3c2f9745dc884fed8dbbcb6420f5

Security Headers

Name	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self' https://myaccount.news.com.au https://myaccount.news.com.au
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 0
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 7d43b9319f8ca883-SYD
content-encoding: br
content-security-policy: default-src * 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self' https://myaccount.news.com.au https://myaccount.news.com.au
content-type: text/html; charset=utf-8
date: Thu, 08 Jun 2023 20:00:51 GMT
expires: 0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTzuVPGyZgfPuTxeJhR3M13ByD8qAC9uAE1OrDRLYSfW9%2FY8hXkrYUkvGxc8PZmRjRH5t3KGHNrj6vCxl8xeozHabZ0VZcBzpTb2c4f3beF9EdUVMQhMrbH7YPwfjLpEiEm0TVo5KkI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0)
x-clock-cacheable: NO:No TTL
x-content-type-options: nosniff
x-frame-options: sameorigin
x-response-time: 98.865ms
x-ua-compatible: IE=edge,chrome=1
x-varnish: 95257698
x-xss-protection: 0

GET
H2 200 index-rewards.css
www.plusrewards.com.au/assets/css/7468861eb4a4bbc2ee20effa31fb2827/ 120 KB
19 KB 175ms
174ms Stylesheet
text/css 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.plusrewards.com.au/assets/css/7468861eb4a4bbc2ee20effa31fb2827/index-rewards.css

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c951567b079e3831dabf4b934a11b9b2934dca7ef518766759f4b5eb5609e0f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20600504
content-encoding: br
x-clock-cacheable: NO:Cookie
x-response-time: 5.514ms
last-modified: Thu, 13 Oct 2022 09:37:42 GMT
server: cloudflare
etag: W/"1dfe1-183d0b4f16d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WfiIbriJW3ZTlx%2BxcCBx2nQQgKIXM4Yjqci12PaLFIMuU9c2uOJ1QfwKHze5O1fg3A05T7nczckuwdrYdpvu2VfnWRXATXQYbXJapWH%2BBp3G4HCi%2FcpE7H1dN8f949%2BIG2PkY3eiqUk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
x-varnish: 50377166
cache-control: public, max-age=31536000
cf-ray: 7d43b9338852a883-SYD

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 1206ms
302ms Stylesheet
text/css 74.125.203.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.203.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

th-in-f95.1e100.net

Software

ESF /

Resource Hash

ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 08 Jun 2023 20:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 08 Jun 2023 18:46:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 08 Jun 2023 20:00:52 GMT

GET
H2 200 dt-rev.png
www.plusrewards.com.au/darkroom/original/0146afbbdbbb3c5d9fd418cd2856f8ed:fbe2c83f15abec67fced19e470b0fdbb/ 4 KB
4 KB 207ms
205ms Image
image/png 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/original/0146afbbdbbb3c5d9fd418cd2856f8ed:fbe2c83f15abec67fced19e470b0fdbb/dt-rev.png

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18b976f0baead5dee34ba127ca6bf69673c0bc125a84a8ea72e9d5b61d23ccd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-application-method: Original Image
date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10780129
authorized-request: /original/0146afbbdbbb3c5d9fd418cd2856f8ed:fbe2c83f15abec67fced19e470b0fdbb/dt-rev.png
x-clock-cacheable: YES
content-length: 3948
d-cache: MISS
last-modified: Sat, 04 Feb 2023 01:32:02 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2ElqKJmMnKa0tVgNzI1TfgGPqYedwVjJb8nd0SsAEMetFoZH6RY4Q4oTD%2BAVIYrHUJhWIEre59sBB00JZlBAKmJyNGkXsByIpcbBPx9r60dQsdGUqD%2FdAkNTKxO%2FMi%2FF9dYTW5%2BGRk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=binary
x-varnish: 68378952 197136
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b9338855a883-SYD

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 76 KB
23 KB 1338ms
333ms Script
application/javascript 96.17.72.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.72.59 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a96-17-72-59.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 9584e01c9e0b3e5a9eab6e960eeda441896c6f0da4d40062a4925b9f63370738

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:52 GMT
content-encoding: gzip
x-amz-request-id: WFRXYGFEBTJ43EZ9
x-amz-cf-pop: MIA3-P4
x-amz-server-side-encryption: AES256
server-timing: ak_p; desc="1686254452187_1611745335_54786974_14_841_331_666_182";dur=1
content-length: 22605
x-amz-id-2: 67EIKJBJGNe4TsvdFoM2ehVh9+XYvLuF4eFZR5rVL3vNIA2wZZdLQ4YV1Uf1+OUP3Fb3jxntQGs=
last-modified: Thu, 27 Apr 2023 15:16:07 GMT
server: AmazonS3
etag: "30ffb8d6ca1409bc5da2d7dad3c36fe1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
accept-ranges: bytes
x-amz-cf-id: YBF9JRLxpemefl3hzjyfn_bzmhzSRmhL-DsAbQRQfC0FSrAVsqPnsg==

GET
H2 200 8129-adc-w1920xd1080px.jpg
www.plusrewards.com.au/darkroom/1200/2cd2b201a14f0d18993110312e619186:4b72a1375f7831398a6f52197a781b53/ 150 KB
151 KB 331ms
330ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1200/2cd2b201a14f0d18993110312e619186:4b72a1375f7831398a6f52197a781b53/8129-adc-w1920xd1080px.jpg

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b38203a881ad4c330e92ceeecc2b8efd1b9ede372560658fbd15cc2dfa93ff41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3358598
authorized-request: /1200/2cd2b201a14f0d18993110312e619186:4b72a1375f7831398a6f52197a781b53/8129-adc-w1920xd1080px.webp
x-clock-cacheable: YES
content-length: 153734
x-webworker: active
d-cache: MISS, HIT
last-modified: Sun, 30 Apr 2023 23:00:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FGwNo29eC0WeJ17AbxWQraeiEqbxHcZTUrt%2B39owsZNx4tZr1AGkNqfuwphAL9HtupXCqmBE1nEQl%2BkLYFllxTEXpltahhn7mYIn9q83%2Fk1fyg0JV4XZWSjVxIJdYW%2FWdt53r%2Bn8cTA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 87425449 87053007
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b933a85ca883-SYD

GET
H2 200 screenshot-2023-04-14-160345.png
www.plusrewards.com.au/darkroom/1200/e417f31beb1d2c1deebacfdf482b952c:fccf7cef3dc4407fdc6b63af275d47ac/ 909 KB
910 KB 330ms
328ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1200/e417f31beb1d2c1deebacfdf482b952c:fccf7cef3dc4407fdc6b63af275d47ac/screenshot-2023-04-14-160345.png

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14fb3b77c88e15c85373e545a0ee32a22a0d8df26aed8142d40a5ccb7f6e2ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3358598
authorized-request: /1200/e417f31beb1d2c1deebacfdf482b952c:fccf7cef3dc4407fdc6b63af275d47ac/screenshot-2023-04-14-160345.webp
x-clock-cacheable: YES
content-length: 930516
x-webworker: active
d-cache: MISS, HIT
last-modified: Sun, 30 Apr 2023 23:00:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LM5s3Ztk4kIW0JdNuvKIGgE6aaiBdZ9EQ%2BdL0ERn%2FtDo1dAzQbpX7FQX1ml0ZA%2B%2BLPNadfILfa%2B3pzFIGbZhxeC4OjSQNkqu8zksMH4IKPtp0DzlnDfcuu5J72imMQ5TNOv29pWxB58%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 87134766 87134684
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b933a85da883-SYD

GET
H2 200 ssn-newscorp-1920x1080-2.png
www.plusrewards.com.au/darkroom/1200/bffd831340ad8eed68e96bf48452e282:1f342629679f26ff9b1718685ff8f52d/ 995 KB
996 KB 328ms
326ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1200/bffd831340ad8eed68e96bf48452e282:1f342629679f26ff9b1718685ff8f52d/ssn-newscorp-1920x1080-2.png

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b45c49e09ac1c7058b7da47902910ca141b468831492e73da274b8845fa314a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-application-method: Resize width and maintain aspect ratio
date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6118699
authorized-request: /1200/bffd831340ad8eed68e96bf48452e282:1f342629679f26ff9b1718685ff8f52d/ssn-newscorp-1920x1080-2.webp
x-clock-cacheable: NO:Cookie
x-webworker: active
d-cache: MISS
last-modified: Thu, 30 Mar 2023 00:22:31 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pwp1MsjUsW7%2Bu5bFtXlgMpkyfesSuDlJ3OP9fIPVTsLRTNgzcAjOOHRxbCmsZOCRcQiSj%2FIjqSOAFroDjV5VJj0Hn%2FMqWqsirAqMTqrLggGaLTdP%2FvfBb1MXj6vicz6l6Xs9C4n%2Fu%2Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 79143963
cache-control: max-age=315360000
cf-ray: 7d43b933a85ea883-SYD

GET
H2 200 sc23-brand-newscorp-1920x1080-syd.jpg
www.plusrewards.com.au/darkroom/1200/9e825184c6d84cb261a505007ece8f97:9c2ca22b5c9415d68b1f103d4b653b1a/ 205 KB
205 KB 329ms
328ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1200/9e825184c6d84cb261a505007ece8f97:9c2ca22b5c9415d68b1f103d4b653b1a/sc23-brand-newscorp-1920x1080-syd.jpg

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daa2666b6c75b5c0ad185a98fbc15e71bf061dfc49ef1dc3ad89aa8f27494094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5809690
authorized-request: /1200/9e825184c6d84cb261a505007ece8f97:9c2ca22b5c9415d68b1f103d4b653b1a/sc23-brand-newscorp-1920x1080-syd.webp
x-clock-cacheable: NO:Cookie
content-length: 209700
x-webworker: active
d-cache: MISS, HIT
last-modified: Fri, 31 Mar 2023 03:35:03 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=414IAd%2F%2B6zLUaALaiarFnrzPmNPr4QOJhae7yOceupt98%2BMaM9FS%2B2v0SC25XCC7wh%2FLam09gg3NmjC1y%2F3ij1WiyoJDKkAsieK9%2BgNvaWfPsf1%2FW%2FF0WcFRR28gJuhM5VSgLZt2hdY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 80726967
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b933a85fa883-SYD

GET
H2 200 1920x1080-girl.jpg
www.plusrewards.com.au/darkroom/1200/7f2b04fbe8acd3bf758ac960084f4904:f717e2d3bf39b99ea838b70fa87ffcd0/ 68 KB
69 KB 200ms
200ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1200/7f2b04fbe8acd3bf758ac960084f4904:f717e2d3bf39b99ea838b70fa87ffcd0/1920x1080-girl.jpg

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

889e540402bf1e1b54c2891ae0f4a380cb3696ce3f98988ebfec96e2f0d85171

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5954211
authorized-request: /1200/7f2b04fbe8acd3bf758ac960084f4904:f717e2d3bf39b99ea838b70fa87ffcd0/1920x1080-girl.webp
x-clock-cacheable: NO:Cookie
content-length: 69984
x-webworker: active
d-cache: MISS, HIT
last-modified: Fri, 31 Mar 2023 22:00:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivDxkkLJ9lDmgBrhC6RBIaygyClCNOc9Hlm9c5OC8TQxLiK%2BLc7vi6fo%2BsQ8f68%2FEJ%2FnZUVYnsEdeGV%2FXUm0Y4z2V56qQRXb9SU5kcUmq02I0MCkqYeeh6ZCTcdUu3kLYGsUHjN5Gb8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 80418935
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b933a860a883-SYD

GET
H2 200 ep-au-13756-resize-images-1920x1080px-3.jpg
www.plusrewards.com.au/darkroom/1200/18fb50a5c3e4cc0ea9c6aee327f47be1:2d5e3445424b3a7980f010008afe739d/ 178 KB
179 KB 330ms
329ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1200/18fb50a5c3e4cc0ea9c6aee327f47be1:2d5e3445424b3a7980f010008afe739d/ep-au-13756-resize-images-1920x1080px-3.jpg

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbaad9e58cfbd42f41338df6e899d81beaf31b9eb30d2da6b74deeb9bf2cf754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8200689
authorized-request: /1200/18fb50a5c3e4cc0ea9c6aee327f47be1:2d5e3445424b3a7980f010008afe739d/ep-au-13756-resize-images-1920x1080px-3.webp
x-clock-cacheable: NO:Cookie
content-length: 182506
x-webworker: active
d-cache: MISS, HIT
last-modified: Sun, 05 Mar 2023 22:00:07 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xP033XiUO0XEJB5JFpuj9LH01IeGuMO2HfvKPhwWiUh4CFQwyQ5aj3HGf5EQhA6mXZZoGll0ZmpBH0WniFIAnyoynMb73zYaEYmuKK9mtQSelKNj5AElZknJCQ0dFTUkqdxBQGX2d4Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 74221765
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b933a861a883-SYD

GET
H2 200 ac-ksm195-first-x960-crop-center.webp
www.plusrewards.com.au/darkroom/1200/6952757b20ab3bd90a5489e27b54393f:5bf286ecfb2f6ce9019123f3d9613857/ 55 KB
56 KB 325ms
322ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1200/6952757b20ab3bd90a5489e27b54393f:5bf286ecfb2f6ce9019123f3d9613857/ac-ksm195-first-x960-crop-center.webp

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

247373fe5b8326425a81bfd1c576a43bfdf4eaebd168dfa658f4cf233d194422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 334314
authorized-request: /1200/6952757b20ab3bd90a5489e27b54393f:5bf286ecfb2f6ce9019123f3d9613857/ac-ksm195-first-x960-crop-center.webp
x-clock-cacheable: NO:Cookie
content-length: 56710
d-cache: MISS, HIT
last-modified: Sun, 04 Jun 2023 23:00:12 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FTig5p4PXYY6lTUgt9g6FZB2yc34FBjLhtuD5R1NpXfeCnHegWuvvYiHNhUz6O%2F%2FJeUiMXiRldTtQx4rmEoiSJCkfx97ENbPeryH7O2EpViZ%2FWHEiw%2FMVWKgB62yWTlIDaSXjStbmMA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp; charset=binary
x-varnish: 93864283
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b933a864a883-SYD

GET
H2 200 gettyimages-1367957675-1.jpg
www.plusrewards.com.au/darkroom/1200/619dc47461dd3684ebc6ff8aed150b96:a04b3ab41aaf8636918f99a754848461/ 50 KB
51 KB 363ms
359ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1200/619dc47461dd3684ebc6ff8aed150b96:a04b3ab41aaf8636918f99a754848461/gettyimages-1367957675-1.jpg

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca3df8fa60811ac9f40f90052e42a6ccfae2b50bdcf49c44451328c64789cfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 334314
authorized-request: /1200/619dc47461dd3684ebc6ff8aed150b96:a04b3ab41aaf8636918f99a754848461/gettyimages-1367957675-1.webp
x-clock-cacheable: NO:Cookie
content-length: 51424
x-webworker: active
d-cache: MISS, HIT
last-modified: Sun, 04 Jun 2023 23:00:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3t5CBA6HvHYHmCMiL5%2BkLpei1a2uE%2FdSW4qTt%2F5GOMtclrsig1SXTL0H2bFs1mGyEemzGgH4y7GXfEVj5UTCazqfTMG91I%2FNaGVLhZ7UXEAGS4i8RwwhP96yW65eMXgegeHO73UqA%2BQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 94137630
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b93498a4a883-SYD

GET
H2 200 illuminate-adelaide.JPG
www.plusrewards.com.au/darkroom/1200/26523083660a815696f1eb080487a8ae:82c68a5fdf5c0542b1e31de4a673cddf/ 19 KB
19 KB 412ms
409ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1200/26523083660a815696f1eb080487a8ae:82c68a5fdf5c0542b1e31de4a673cddf/illuminate-adelaide.JPG

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

773a100fcdbc6392876b46c7ea936963a36985600e79a08beac1d2fdb90a116e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3386986
authorized-request: /1200/26523083660a815696f1eb080487a8ae:82c68a5fdf5c0542b1e31de4a673cddf/illuminate-adelaide.webp
x-clock-cacheable: NO:Cookie
content-length: 19450
x-webworker: active
d-cache: MISS, HIT
last-modified: Sun, 30 Apr 2023 14:03:43 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5oeYatakPRYf3CY1OlIVzcGvhq1xv%2FXYBxpQkV0GafqEqlpwPhe28SsEoMGmed4CM%2Bx6Wo9T47d2I8Ms1U9Z5vnrASeZ5MFufSzZlebuyGl493tyD8kxn7azJHuVOHJ%2FxnM1zcMx38k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 87155143
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b93498a5a883-SYD

GET
H2 200 4181632975-national-rewards-may-june-23-samsung-phone-jpg-1.jpg
www.plusrewards.com.au/darkroom/1200/0d75703a651361dd3c3ac1189acb6eb5:0beebdeb700eb9159b563e947f00250c/ 22 KB
22 KB 363ms
360ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1200/0d75703a651361dd3c3ac1189acb6eb5:0beebdeb700eb9159b563e947f00250c/4181632975-national-rewards-may-june-23-samsung-phone-jpg-1.jpg

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

394cba78aabd4d7a22876a4a19d1a80a1dbbb5981f408f032ce159768e6a03eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1208583
authorized-request: /1200/0d75703a651361dd3c3ac1189acb6eb5:0beebdeb700eb9159b563e947f00250c/4181632975-national-rewards-may-june-23-samsung-phone-jpg-1.webp
x-clock-cacheable: YES
content-length: 22078
x-webworker: active
d-cache: MISS, HIT
last-modified: Sun, 30 Apr 2023 14:00:23 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A0mXlIi7kYXnUnCzwCqq0150yZFeNBY768mm05Qq8rGXfaZbSCHN35IS4%2FJHfycJvAiN0Xa33ljs5isW%2BzMZiR9OGgoFBZdw5A1wKR05pfAFpU6SXVzhz%2BW0C8uuOQOY02qEIXa3H34%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 92317333 87132519
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b93498a6a883-SYD

GET
H2 200 screenshot-2023-02-28-162312.png
www.plusrewards.com.au/darkroom/1200/205961c7f6d0c931217cbf60f76b3ac7:ee91bfea383a2115e708d53b5c7f8e86/ 455 KB
456 KB 363ms
360ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1200/205961c7f6d0c931217cbf60f76b3ac7:ee91bfea383a2115e708d53b5c7f8e86/screenshot-2023-02-28-162312.png

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e2a9f7912819a604c2b9fb769829f71e755d22bffe035a1e358f632fa0d9412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3358633
authorized-request: /1200/205961c7f6d0c931217cbf60f76b3ac7:ee91bfea383a2115e708d53b5c7f8e86/screenshot-2023-02-28-162312.webp
x-clock-cacheable: NO:Cookie
content-length: 466142
x-webworker: active
d-cache: MISS, HIT
last-modified: Sun, 30 Apr 2023 23:00:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3KlfasYg0Bx8HF7yOaWUJCZMDYDxEDbUR3ba%2B2kgybYrMNCKgfaBKFQNlB43TD7Hs9gmrRQILS%2BZlD%2BOICDfEATHtmMdRIpQqPbAzlHHs4BzJCamefPW%2B0DIzS1F4hbM9IX0jtc0lv8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 87342902
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b93498a7a883-SYD

GET
H2 200 rd-urban-dining-tomorrow-s-lunch-22-5.jpg
www.plusrewards.com.au/darkroom/1200/f26f4d7c2b94fa1219e096c1903327be:e0c0df1614c1f1c4997109a504225464/ 63 KB
64 KB 369ms
366ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1200/f26f4d7c2b94fa1219e096c1903327be:e0c0df1614c1f1c4997109a504225464/rd-urban-dining-tomorrow-s-lunch-22-5.jpg

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

093d8f0471620eeec3858045cc17e5c83a6825fc4dc012d388f3227bbc3f6e68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3358633
authorized-request: /1200/f26f4d7c2b94fa1219e096c1903327be:e0c0df1614c1f1c4997109a504225464/rd-urban-dining-tomorrow-s-lunch-22-5.webp
x-clock-cacheable: NO:Cookie
content-length: 64558
x-webworker: active
d-cache: MISS, HIT
last-modified: Sun, 30 Apr 2023 23:00:14 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qMG4TOilOMdcvsfuDbeQDr7cdE5wLwlXzKRexG8%2BMXtx70KQkj5pPOLXxBMXnyV9WRcAsfgvTpG9kFVedBXR9dlnB7jS%2F6IWtGHuDKZP8oVal3xjDhCl7ZK%2FpYfWLBraZkFWa9N0Adc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 86659612
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b93498a8a883-SYD

GET
H2 200 dt-rev.png
www.plusrewards.com.au/darkroom/original/5b812b43e639de510d5e8f797373006a:7e737b8c42df29e6348ab71fe7e8b363/ 5 KB
5 KB 369ms
366ms Image
image/png 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/original/5b812b43e639de510d5e8f797373006a:7e737b8c42df29e6348ab71fe7e8b363/dt-rev.png

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d90e6e56feffa1cfab9eeff5b73ac8a672770125810733d45c9edffb4450522d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-application-method: Original Image
date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31307376
authorized-request: /original/5b812b43e639de510d5e8f797373006a:7e737b8c42df29e6348ab71fe7e8b363/dt-rev.png
x-clock-cacheable: YES
content-length: 4846
d-cache: MISS
last-modified: Sat, 11 Jun 2022 11:31:15 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7MLr6%2FAyjaxAYwTDY02jlJ8tUyE%2Fjdc5rwJWv4jtAkc%2BJlZx0rSaZw%2Bgonxh7J3Yj5tCd5iQafSimqAkOWDth6mzO2t8wT%2FHkcZI3t8JYPveq5eBSBXJcQoig37cOPynuQMkcTu53k%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=binary
x-varnish: 26545489 285142
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b93498a9a883-SYD

GET
H2 200 daily-telegraph.png
www.plusrewards.com.au/darkroom/515/00114a739e8e62ebfcc75e910e985df8:6e7cbcd18c1e229e2d911f42957bfdf3/ 68 KB
68 KB 363ms
360ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/515/00114a739e8e62ebfcc75e910e985df8:6e7cbcd18c1e229e2d911f42957bfdf3/daily-telegraph.png

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0149fda0fe70d117d2fb621a92eadf8d5a2956591627665543d6bce7d291413c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31307376
authorized-request: /515/00114a739e8e62ebfcc75e910e985df8:6e7cbcd18c1e229e2d911f42957bfdf3/daily-telegraph.webp
x-clock-cacheable: YES
content-length: 69162
x-webworker: active
d-cache: MISS, HIT
last-modified: Thu, 05 Sep 2019 21:17:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G2a9hR7oEv7xZBJ0z31MclUIqSGlKWLzaQe1DRQZj0SLx%2B6piiZrxbSCQgpGbtx6UPfRrWLW1hxMUmft68TA9NKapb%2FxDAtbauExmfP2w2ikul6H7F73vRSR3TswzHJglQFPTfByRek%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 24084258 701960
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b93498aaa883-SYD

GET
H2 200 news-corp-logo.png
www.plusrewards.com.au/assets/img/content/ 2 KB
2 KB 361ms
359ms Image
image/png 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/assets/img/content/news-corp-logo.png

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc17f8f103be6eb21a2a665ca699009649851c4b049892cb384beaa519e8922d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5006317
x-clock-cacheable: YES
content-length: 1944
x-response-time: 4.028ms
last-modified: Wed, 23 Nov 2022 17:21:37 GMT
server: cloudflare
etag: W/"798-184a582681d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csYz1I4eaosvhzLEXUBKysv2CYrMJirltwAKu6oBBFG9s%2Fx6sXtUvTNxOvhL7mbO0KhUDRUoMkC18XdepbCw7ZiepZSfIFzzZC3jgmN%2FmsEY5%2Fdt0vf1U0Rp0uWhy0C%2B%2BYU%2BcCpc5vU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
x-varnish: 82872051 67035902
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d43b93498aba883-SYD

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.26.4/ 37 KB
14 KB 1300ms
305ms Script
application/javascript 151.101.66.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.26.4/raven.min.js
Requested by: Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 3b6205206b5c515bb685b81ad82ecedf1264a0f1b6b0a99b2d89ce18fe30bc5e

Request headers

Referer: https://www.plusrewards.com.au/
Origin: https://www.plusrewards.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:52 GMT
content-encoding: gzip
last-modified: Fri, 20 Jul 2018 09:10:03 GMT
server: Fastly
age: 52957
etag: "e7a52e3ca61154fb6077ca08d351e3e3"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 13757

GET
H2 200 vendor.js Show response
www.plusrewards.com.au/assets/js/build/9da1706c96be601c7e57433c325c193e/ 739 KB
206 KB 324ms
322ms Script
application/javascript 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.plusrewards.com.au/assets/js/build/9da1706c96be601c7e57433c325c193e/vendor.js

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9aa3b1a29a90ea3dcda8b653b0842e0f646bafa500ac8ee7f54f3d56503c1168

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 20600481
content-encoding: br
x-clock-cacheable: NO:Cookie
x-response-time: 6.630ms
last-modified: Thu, 13 Oct 2022 09:37:39 GMT
server: cloudflare
etag: W/"b8aea-183d0b4e2b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b07IWCGC01nuxg9zaqMf0Qf1SYqHAEiv8OAGvZyjq7xjaikJxYOvUKVH3hXBU5ljbbK2iK6il8Uws7lu9t%2BGU2IQcslQnM09l1g%2BfX1azKgGu%2F2jq64UpqU6wgaG8rxpeEKTuaJt4q4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-varnish: 50516609
cache-control: public, max-age=31536000
cf-ray: 7d43b933a865a883-SYD

GET
H2 200 base.js Show response
www.plusrewards.com.au/assets/js/build/83fc5d42265766b8bdf30b4918d36050/ 542 KB
77 KB 323ms
322ms Script
application/javascript 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.plusrewards.com.au/assets/js/build/83fc5d42265766b8bdf30b4918d36050/base.js

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e78884c562fb80f581008e50cd16a6b89a71dd4432d24fce64b907726940550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:51 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 10575198
content-encoding: br
x-clock-cacheable: YES
x-response-time: 1.321ms
last-modified: Mon, 06 Feb 2023 10:25:34 GMT
server: cloudflare
etag: W/"876fa-18626427229"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5%2FVHpmODKNQThnCnamoF1FSB0szDn2Ak33fyhPvNrDZBwqL%2Bu0fEH3cIcE55zTnVz1XqPf9DCvk6sZfFaMRFrqsmF3mzlvpVqlKyNBuHYjIS6k%2Bci8NrdWyM0f0ASlXUxen8HiczKXE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
x-varnish: 68209425
cache-control: public, max-age=31536000
cf-ray: 7d43b933a867a883-SYD

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/dt.wl/prod/ 50 KB
14 KB 2551ms
1350ms Script
application/javascript 52.84.251.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/dt.wl/prod/utag.js
Requested by: Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-5.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 50a6c483fae2f0c156bc37fc3532bda2b3fad60d771f7d9048c8c1bf3cfc79fb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: 4UbAY8C7sTbQ0djh_B2DFzX6Vy7JOBe_
content-encoding: gzip
via: 1.1 ed9908577fd6427c647d93076edebd26.cloudfront.net (CloudFront)
date: Thu, 08 Jun 2023 20:00:54 GMT
last-modified: Fri, 10 Mar 2023 17:50:48 GMT
server: AmazonS3
x-amz-cf-pop: SIN5-C1
x-amz-server-side-encryption: AES256
etag: W/"f05466ac6760dd6a2bb1317117625edf"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=300
x-amz-cf-id: 59ZDSZQKWmtK2CbMHa92N3N4F2Is9Q5sq80QwnpFzYBg1mbJMSLBuw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 1170ms
333ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 08 Jun 2023 20:00:53 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27549
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Aqv6GsDuK7E3uBOhqUhtE9znwooG1acyElBW7vIyxXHFV7ANBhAs0BXVuQ06RPs4lgq5+6zUDLnJLFEjHI9ldQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 15 KB
15 KB 1199ms
300ms Font
font/woff2 64.233.188.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.188.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tk-in-f94.1e100.net

Software

sffe /

Resource Hash

7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.plusrewards.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 05:24:03 GMT
x-content-type-options: nosniff
age: 225410
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14892
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 05:24:03 GMT

GET
H2 200 9625 Show response
secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/ 106 B
500 B 1541ms
544ms XHR
application/octet-stream 96.17.72.59
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/5/9625
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 96.17.72.59 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a96-17-72-59.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5076bd7c5c84d0b533c19313a1ef4c0e6e4ba41b22f87b4ed7dcd0caea8947c7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: ni06aRNJ.oW5iot1yEoFCHIYC9YxODnP
content-encoding: gzip
date: Thu, 08 Jun 2023 20:00:54 GMT
x-amz-cf-pop: IAD79-C3
x-amz-replication-status: COMPLETED
server-timing: ak_p; desc="1686254453564_1611745335_54788406_21128_585_331_664_219";dur=1
content-length: 112
last-modified: Thu, 25 Jun 2020 00:21:01 GMT
server: AmazonS3
etag: "871ff70fb44fe71ad31c207b97a5e109"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=527
accept-ranges: bytes
x-amz-cf-id: QugM6HpRn2B3utylHzCUB5JgYggUnvVnfpjNlzZi_MYrlEnAVE6B3w==

GET
H2 200 4181632975-national-rewards-may-june-23-june-ebooks-1-jpg.jpg
www.plusrewards.com.au/darkroom/1500/83cd32287bf4a5a8c82ab2303800c069:afce85c6aac9970ac553d827b570f031/ 169 KB
169 KB 180ms
180ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1500/83cd32287bf4a5a8c82ab2303800c069:afce85c6aac9970ac553d827b570f031/4181632975-national-rewards-may-june-23-june-ebooks-1-jpg.jpg

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

231e039a4f87002b174222316ad98fa3c8bbd8b25f3e054635aecfd0e25e51b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 332758
authorized-request: /1500/83cd32287bf4a5a8c82ab2303800c069:afce85c6aac9970ac553d827b570f031/4181632975-national-rewards-may-june-23-june-ebooks-1-jpg.webp
x-clock-cacheable: NO:Cookie
content-length: 172688
x-webworker: active
d-cache: MISS, HIT
last-modified: Sun, 04 Jun 2023 23:27:27 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Zw2v2H%2FQHOUoFvgoJ9tzQsdGNUNEQc2bMKVOY9XH3Sc9W3UHcyeQ%2Bm5U2RGU3K4ZZedeiLrD3mw2xGNSjQz5%2BCP9AtItDPKJ7S1MZoYd8U%2BKH%2BcAYv4b%2BofKneqon0ospG79QP3YxE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 93858372
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b93c8bdfa883-SYD

GET
H2 200 charter-bold.woff2
www.plusrewards.com.au/assets/fonts/charter/ 15 KB
15 KB 174ms
173ms Font
font/woff2 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.plusrewards.com.au/assets/fonts/charter/charter-bold.woff2

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/assets/css/7468861eb4a4bbc2ee20effa31fb2827/index-rewards.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ca14510c9c719c3d07bb457eb2e914f48e942fc1e6906c03008197559e03b5f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.plusrewards.com.au/assets/css/7468861eb4a4bbc2ee20effa31fb2827/index-rewards.css
Origin: https://www.plusrewards.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 172961
x-clock-cacheable: YES
content-length: 15164
x-response-time: 5.096ms
last-modified: Wed, 23 Nov 2022 17:21:37 GMT
server: cloudflare
etag: W/"3b3c-184a58264e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJkV4lQt3WOUpUq2fFFmrL1MrRk1sJaXmw6j0gferqAC%2BjbTzR2meXYceKXu8GXQLqXBspFP9kUcOFN83DPNhBc0kn5PbWb1QJM3GXgON0cgh4x85V%2FimGT5tFMomIR1eA6ZRN7flvo%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-varnish: 94556522 66843256
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d43b93c8be0a883-SYD

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ 14 KB
14 KB 1046ms
367ms Font
font/woff2 64.233.188.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Source+Sans+Pro:wght@400;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.188.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tk-in-f94.1e100.net

Software

sffe /

Resource Hash

0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.plusrewards.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Tue, 06 Jun 2023 05:24:04 GMT
x-content-type-options: nosniff
age: 225409
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14712
x-xss-protection: 0
last-modified: Thu, 01 Jun 2023 22:52:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Jun 2024 05:24:04 GMT

GET
H2 200 rollerscript-smooth.woff2
www.plusrewards.com.au/assets/fonts/rollerscript/ 115 KB
115 KB 175ms
174ms Font
font/woff2 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.plusrewards.com.au/assets/fonts/rollerscript/rollerscript-smooth.woff2

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/assets/css/7468861eb4a4bbc2ee20effa31fb2827/index-rewards.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3a5128f3f03a9ae9f18f02f1981e916854f9a95a29f319b9d7ca8407df00ae53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.plusrewards.com.au/assets/css/7468861eb4a4bbc2ee20effa31fb2827/index-rewards.css
Origin: https://www.plusrewards.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:53 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5005374
x-clock-cacheable: YES
content-length: 117392
x-response-time: 5.577ms
last-modified: Wed, 23 Nov 2022 17:21:37 GMT
server: cloudflare
etag: W/"1ca90-184a58264e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14n%2BQQyvVY7vT3NSFJCoP5EW9uDEzaFLIYNBi46Pdhr%2BcyxJ3%2BByAnwE%2Bzw%2FHqt7y6ATI%2B9L7ErlhneYcW6xSd2G3XwBp7%2BQdp2Z1F8r9DsH%2F4RAfxH8lXcxGS9fUUwbV7gADWFfLY4%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
x-varnish: 82616462 67545606
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7d43b93c8be1a883-SYD

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 1361ms
349ms Script
application/x-javascript 23.207.180.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16862544542590.32436459562439635
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/dt.wl/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-180-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 20:00:55 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=0, no-cache, no-store
server-timing: ak_p; desc="1686254454770_389785775_177579200_583_620_332_0_146";dur=1
content-length: 833
expires: Thu, 08 Jun 2023 20:00:55 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
963 B 1345ms
333ms Script
application/x-javascript 23.207.180.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/dt.wl/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-180-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:55 GMT
server: AkamaiNetStorage
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=17768
server-timing: ak_p; desc="1686254455437_389785775_177579201_17_383_332_667_146";dur=1
content-length: 666

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 65 B
466 B 1355ms
344ms XHR
text/plain 23.207.180.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi
Requested by: Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-180-192.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: 0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 20:00:55 GMT
server: AkamaiGHost
etag: "519053bf13ef3980b8829a5ec0f4dbc4:1638256850.601476"
vary: Origin, Origin, Origin
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: text/plain
access-control-allow-origin: https://www.plusrewards.com.au
cache-control: max-age=0, no-cache
server-timing: ak_p; desc="1686254454770_389785775_177579198_1109_449_332_666_219";dur=1
content-length: 65
mime-version: 1.0
expires: Thu, 08 Jun 2023 20:00:55 GMT

GET
H2 200 rampart.js Show response
www.news.com.au/remote/identity/rampart/latest/ 289 KB
85 KB 1463ms
454ms Script
application/x-javascript 23.207.180.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.news.com.au/remote/identity/rampart/latest/rampart.js

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/assets/js/build/83fc5d42265766b8bdf30b4918d36050/base.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.207.180.112 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-207-180-112.deploy.static.akamaitechnologies.com

Software

AkamaiNetStorage /

Resource Hash

88d6a54b11051855551c995388d2e8ace828188a41f201b4c77fc721bc536e36

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-security-policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
content-encoding: gzip
date: Thu, 08 Jun 2023 20:00:55 GMT
server: AkamaiNetStorage
etag: "b54775a0a21a66e451109802cf36c46c:1685338643.533073"
vary: User-Agent, Accept-Encoding
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://www.news.com.au/csp-reports
content-type: application/x-javascript
cache-control: max-age=1480
is-https: true
server-timing: ak_p; desc="1686254454771_389785764_82123451_1932_63694_331_669_146";dur=1
x-webkit-csp: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:;
expires: Thu, 08 Jun 2023 20:25:35 GMT

GET
H2 200 808387116198479 Show response
connect.facebook.net/signals/config/ 300 KB
86 KB 528ms
527ms Script
application/x-javascript 157.240.235.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/808387116198479?v=2.9.106&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.1 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-04-sin6.fbcdn.net

Software

Resource Hash

e0755149df409d34d002367f70fdf59872d72a8b37d603c40c86cce56c277061

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 08 Jun 2023 20:00:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: pz+aIZRJYcML5V91MIp0L5CBFqO/RfvOQtRmmxW4ZZk6JYgxpNUkKvQMapOXiaaBAYoq+WNRAxuQlqzMuoswxQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Serving Show response
bs.serving-sys.com/ 384 B
866 B 2159ms
412ms Script
text/html 52.76.199.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=9625&dispType=js&sync=0&sessionid=8585115440512079685&pageurl=$$https%3A%2F%2Fwww.plusrewards.com.au%2Fdailytelegraph$$&activityValues=$$Session%3D5858139171106788055$$&ns=0&rnd=8302062481923935&uinadv=%7B%7D&ccpastatus=1
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.199.21 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-199-21.ap-southeast-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 85685bd4d68102ad8f8817473591a14dd1d71c9610e19eb78c0edefe16de6c1f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 20:00:56 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: CP="NOI DEVa OUR BUS UNI"
cache-control: no-cache, no-store
content-length: 288
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 1343ms
333ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=808387116198479&ev=PageView&dl=https%3A%2F%2Fwww.plusrewards.com.au%2Fdailytelegraph&rl=&if=false&ts=1686254455674&sw=1600&sh=1200&v=2.9.106&r=stable&ec=0&o=30&fbp=fb.2.1686254455673.2076105885&it=1686254454540&coo=false&rqm=GET

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 08 Jun 2023 20:00:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 842ms
333ms Image
text/plain 157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=808387116198479&ev=Microdata&dl=https%3A%2F%2Fwww.plusrewards.com.au%2Fdailytelegraph&rl=&if=false&ts=1686254456176&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Home%20%7C%20%2BRewards%22%2C%22meta%3Adescription%22%3A%22%20The%20official%20website%20of%20%2BRewards%22%7D&cd[OpenGraph]=%7B%22og%3Aimage%22%3A%22https%3A%2F%2Fnca-plus-production.clockhosting.com%2Fassets%2Fimg%2Fmeta%2Frewards%2Fdf0ffb6a93b53c160893035c12275b70%2Fmeta-icon-1000x1000.png%22%2C%22og%3Aimage%3Aurl%22%3A%22https%3A%2F%2Fnca-plus-production.clockhosting.com%2Fassets%2Fimg%2Fmeta%2Frewards%2Fdf0ffb6a93b53c160893035c12275b70%2Fmeta-icon-1000x1000.png%22%2C%22og%3Aimage%3Asecure_url%22%3A%22https%3A%2F%2Fnca-plus-production.clockhosting.com%2Fassets%2Fimg%2Fmeta%2Frewards%2Fdf0ffb6a93b53c160893035c12275b70%2Fmeta-icon-1000x1000.png%22%2C%22og%3Asite_name%22%3A%22The%20Australian%20%26%20Plus%20Rewards%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.plusrewards.com.au%2Fdailytelegraph%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.106&r=stable&ec=1&o=30&fbp=fb.2.1686254455673.2076105885&it=1686254454540&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 08 Jun 2023 20:00:56 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 111 KB
34 KB 945ms
944ms Script
application/x-javascript 23.207.180.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/dt.wl/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-180-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 78ce242f06e80599aeb8b75ca2a2c36cd93987a780a0cd25425498cd41170d69

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:56 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ed50341af2f4c2a39bbb735192c85fad:1685589099.251397"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=64125
server-timing: ak_p; desc="1686254456507_389785775_177582504_726_638_331_0_146";dur=1
content-length: 34098

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
25 KB 1212ms
306ms Script
text/javascript 142.251.8.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/dt.wl/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.8.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tb-in-f155.1e100.net

Software

cafe /

Resource Hash

22092aa34c09c9a503e3f37e2e67de5eac44650aacca0923988e26a575e630c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25347
x-xss-protection: 0
server: cafe
etag: 893 / 19516 / m202306050101 / config-hash: 16344034956131939870
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 08 Jun 2023 20:00:57 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 184 KB
62 KB 421ms
420ms Script
application/x-javascript 23.207.180.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/dt.wl/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-180-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d37c7ee32af1f07dbf22ab0a2e4c53707def7054bb4985ea89ca67db673106d8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:56 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "9938de9a553db5cf37904650f464cae7:1686023784.556489"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=16048
server-timing: ak_p; desc="1686254456506_389785775_177582530_651_676_331_0_146";dur=1

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 25 KB
10 KB 365ms
365ms Script
application/x-javascript 23.207.180.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/dt.wl/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-180-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:56 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ecacc4b7d71d3eee8eaca9fbb3295f91:1638242930.652258"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=60810
server-timing: ak_p; desc="1686254456502_389785775_177582531_307_641_331_0_146";dur=1
content-length: 9840

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 1202ms
298ms Script
text/javascript 74.125.204.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/dt.wl/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.204.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ti-in-f97.1e100.net

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 08 Jun 2023 18:48:27 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 4350
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Thu, 08 Jun 2023 20:48:27 GMT

GET
H2 200 embed.js Show response
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 1 KB
970 B 924ms
306ms Script
application/javascript 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/dt.wl/prod/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

efe60b6928a0f370aa2ebbcf726337ddece82b8350fc012476e434b91e665cf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: mX8fMBiKSjQoqAMs3ORgCtaWppS1_CNL
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Jun 2023 20:00:57 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 50HP8ZKV27Z8190T
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 520
x-amz-id-2: n8Ft6LJXCnPbM+2tjj5kx6R4/qlDs/JtS6K5LHNy+DYKInAhaeGix6MB2sHTv50RV/a5tGlh7KI=
x-served-by: cache-bfi-kbfi7400021-BFI
last-modified: Mon, 01 May 2023 02:35:02 GMT
server: AmazonS3
x-timer: S1686254458.508537,VS0,VE0
etag: "48ec641db42f1901c86d5cb54cefdce7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=0,must-revalidate
accept-ranges: bytes
x-cache-hits: 901

GET
H2 200 nca_ipsos.js Show response
tags.news.com.au/prod/ipsos/ 26 KB
6 KB 671ms
671ms Script
application/x-javascript 23.207.180.192
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/dt.wl/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.207.180.192 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-180-192.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 7f3c6b58f7c57e2b2b1bb8e49260fe50e7366d3eadebc1414f53fb6c7854d9b2

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:56 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "83e3b56b9ff0bdc4a86e195e823387bf:1677561534.235209"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
content-type: application/x-javascript
cache-control: max-age=42004
server-timing: ak_p; desc="1686254456936_389785775_177583890_18_517_331_0_146";dur=1
content-length: 6160

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
428 B 420ms
420ms Script
application/javascript 52.84.251.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/dt.wl/202207210618&cb=1686254456324
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/dt.wl/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.84.251.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-84-251-5.sin5.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: 2XUX04X5QEw0.xFya64khU._sHTRl_Pz
date: Thu, 08 Jun 2023 20:00:50 GMT
via: 1.1 ed9908577fd6427c647d93076edebd26.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN5-C1
age: 9
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 2
last-modified: Sat, 11 Mar 2023 06:57:46 GMT
server: AmazonS3
etag: "7bc0ee636b3b83484fc3b9348863bd22"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=300
accept-ranges: bytes
x-amz-cf-id: LtMh5WCm23_vh1YotFZcneRKxyRpA_3bsXFW6cRyrzOyEDf0P9QAiA==

GET
H2 200 authorize Show response
login.newscorpaustralia.com/ Frame FAB3 2 KB
3 KB 1807ms
793ms Document
text/html 104.69.163.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://login.newscorpaustralia.com/authorize?client_id=w6UcQBn6GV4T3yruKfGKaSeMdXC66oM6&response_type=token%20id_token&scope=openid%20profile&audience=newscorpaustralia&redirect_uri=https%3A%2F%2Fwww.plusrewards.com.au%2Fauth%2Fcallback&state=MbwKfXwJayIB2IMed0EclgZFX9Kk~_~h&nonce=z-IhgtZ0NudIAkwjcQkEIxw_KPxz4Lnt&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4yMC4yIn0%3D

Requested by

Host: www.news.com.au
URL: https://www.news.com.au/remote/identity/rampart/latest/rampart.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.69.163.134 , Singapore, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-69-163-134.deploy.static.akamaitechnologies.com

Software

cloudflare /

Resource Hash

3b8de612e16c13a0fe1e6a99b97ec48b4aaf958424fe48a7aceac43d78dda7fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.plusrewards.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 7d43b9595fe3471b-SIN
content-encoding: gzip
content-length: 930
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://login.newscorpaustralia.com/csp-reports
content-type: text/html;charset=UTF-8
date: Thu, 08 Jun 2023 20:00:58 GMT
expires: Thu, 08 Jun 2023 20:00:58 GMT
ot-baggage-auth0-request-id: 7d43b9595fe3471b
ot-tracer-sampled: true
ot-tracer-spanid: 5dcddf7a688f6a5f
ot-tracer-traceid: 05304f921b858945
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-000000000000000005304f921b858945-5dcddf7a688f6a5f-01
tracestate: auth0-request-id=7d43b9595fe3471b,auth0=true
vary: Accept-Encoding
x-akamai-transformed: 9 539 0 pmb=mTOE,4
x-auth0-requestid: 173fbeef111c97f5c854
x-content-type-options: nosniff
x-ratelimit-limit: 1000
x-ratelimit-remaining: 999
x-ratelimit-reset: 1686254459

GET
H2 200 P5A1ABC62-BAAA-43C4-8D63-3665F832DAEE.js Show response
cdn-gl.imrworldwide.com/conf/ 32 KB
7 KB 1330ms
344ms Script
application/javascript 13.224.249.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/P5A1ABC62-BAAA-43C4-8D63-3665F832DAEE.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-23.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 821e49e1ea0f6c62430210f9d58bbb8b586c4e8d9c25801691117c897716f4b3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: 71MZrws5bT5r8lUJbQBaU8UamA96Oog_
content-encoding: gzip
via: 1.1 81ed70dd2a5a6558bf4a599e654fd8e0.cloudfront.net (CloudFront)
date: Thu, 08 Jun 2023 19:04:26 GMT
last-modified: Wed, 07 Jun 2023 13:16:42 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 3480
x-amz-server-side-encryption: AES256
etag: W/"4c0f90da9a430d73a6e1353eaa7767f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400,s-maxage=86400
x-amz-cf-id: SJP7hCbUq7lpJ277QSharFR3OY68VB06KAUQWQzxZIc3wz18CMWQxg==

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1686254457277
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1686254457277

5 KB
2 KB

339ms
339ms

XHR
application/json

52.43.205.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1686254457277

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

HTTP/1.1

Server

52.43.205.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-205-135.us-west-2.compute.amazonaws.com

Software

Resource Hash

a0e098997666c164e119046191dbc1a534878a2011bf58038d45b1d03f6984f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v044-0d8e3df99.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: 0qx+V1fsTZU=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.plusrewards.com.au
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1563
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-usw2-2-v044-07cd81ee9.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: /0YpuQo9RDo=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.plusrewards.com.au
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1686254457277
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 door.js Show response
au-script.dotmetrics.net/ 10 KB
4 KB 1111ms
427ms Script
application/javascript 54.192.150.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/door.js?id=13061
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/ipsos/nca_ipsos.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-4.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: b65f47e6e01641e5af255505932917ac6f724afa9a43b8525e110427e77cab39

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:58 GMT
content-encoding: br
via: 1.1 0513e563e8ed82222d18853f4b40818a.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: SIN2-C1
etag: "13061...226.2023060820"
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type: application/javascript
cache-control: private
x-amz-cf-id: qwtgAoHk6NznNWbHTsjRmmXmRghFGyyJCycRWS187oYhMrt7lo47xQ==

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/ 403 KB
124 KB 300ms
299ms Script
text/javascript 142.251.8.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.8.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tb-in-f155.1e100.net

Software

cafe /

Resource Hash

f90e86e415fef9aea8d31405a00fde59f92c5968762d3f9fa78a2c386a32ff09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 02:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63000
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126880
x-xss-protection: 0
server: cafe
etag: 5275185617162098568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 07 Jun 2024 02:30:57 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 60 B
592 B 1199ms
302ms XHR
application/json 142.251.8.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.plusrewards.com.au

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.8.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tb-in-f155.1e100.net

Software

cafe /

Resource Hash

de5304209badeb036d13dba7afe925834b70bd9e91cecea63b23cf27fd01103e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
x-xss-protection: 0
expires: Thu, 08 Jun 2023 20:00:58 GMT

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=824659571&utmhn=www.plusrewards.com.au&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmd...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5748164-21&cid=341549740.1686254458&jid=1315832872&_v=5.7.2&z=824659571

35 B
337 B

1206ms
302ms

Image
image/gif

64.233.188.156
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5748164-21&cid=341549740.1686254458&jid=1315832872&_v=5.7.2&z=824659571

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Server

64.233.188.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tk-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 08 Jun 2023 20:00:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 20:00:58 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-5748164-21&cid=341549740.1686254458&jid=1315832872&_v=5.7.2&z=824659571
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 199 KB
56 KB 390ms
389ms Script
application/javascript 13.224.249.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P5A1ABC62-BAAA-43C4-8D63-3665F832DAEE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-23.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 767a456e2a3d977102a5a4224d43f77ca39d3e196d21ba98e3849eb5061d1e5c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: 9XZn6KLhlrb4pop8dhleD465xHHeKN6D
content-encoding: gzip
via: 1.1 81ed70dd2a5a6558bf4a599e654fd8e0.cloudfront.net (CloudFront)
date: Thu, 08 Jun 2023 19:59:53 GMT
x-amz-cf-pop: SIN52-C2
age: 66
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-storage-class: INTELLIGENT_TIERING
last-modified: Tue, 30 May 2023 12:59:00 GMT
server: AmazonS3
etag: W/"f43d226b4110956140ab2e00da92026d"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: TDMmCjJJbYK5QxUgdkbVSywn_IKUzKP3nv13CLc0SiooG0N4d0iEyQ==

POST
H2 404 csp-reports
login.newscorpaustralia.com/ 0
0 1531ms
534ms Other
text/plain 104.69.163.134
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://login.newscorpaustralia.com/csp-reports
Requested by: Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.69.163.134 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-69-163-134.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.plusrewards.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/csp-report

Response headers

GET 3ef652fa
login.newscorpaustralia.com/akam/13/ Frame FAB3 0
0

GET EJRo
login.newscorpaustralia.com/bbjKn5a9/Gmi/6Tk/5oq5vT4igr/5cEDQfG4cV/Yy41AxIr/IS05EhQ/ Frame FAB3 0
0

GET sec-3-10.css
login.newscorpaustralia.com/_sec/cp_challenge/ Frame FAB3 0
0

GET sec-cpt-3-10.js
login.newscorpaustralia.com/_sec/cp_challenge/ Frame FAB3 0
0

GET
H2 200 gettyimages-1367957675-1.jpg
www.plusrewards.com.au/darkroom/1500/619dc47461dd3684ebc6ff8aed150b96:a85f7eb1d9a744180d77852c940be034/ 68 KB
69 KB 183ms
183ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1500/619dc47461dd3684ebc6ff8aed150b96:a85f7eb1d9a744180d77852c940be034/gettyimages-1367957675-1.jpg

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a6564ae560c5128f5456bf5f7ace31951a5b15ec2ee50fa2c64b80fd39713c6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 332454
authorized-request: /1500/619dc47461dd3684ebc6ff8aed150b96:a85f7eb1d9a744180d77852c940be034/gettyimages-1367957675-1.webp
x-clock-cacheable: NO:Cookie
content-length: 69746
x-webworker: active
d-cache: MISS, HIT
last-modified: Sun, 04 Jun 2023 23:29:09 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ChE7fwaGJVMIMTokB9c2AoIhuYgjQpceGuzQzJSc7sLnvQfKwDn8uvoMqVGjh33sf6moIoaZG42szadQhYn5mGkWExvM%2FMmkORGYzAAZT8TC%2B0B8aMDYT4fwt9e2vYVBR%2BpI1dtK7c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 94251496
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b95debe3a883-SYD

GET
H2 200 4181632975-national-rewards-may-june-23-samsung-phone-jpg-1.jpg
www.plusrewards.com.au/darkroom/1500/0d75703a651361dd3c3ac1189acb6eb5:72ef14dcc89d80973afd1ded63d9ab65/ 29 KB
29 KB 179ms
179ms Image
image/webp 172.67.68.104
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.plusrewards.com.au/darkroom/1500/0d75703a651361dd3c3ac1189acb6eb5:72ef14dcc89d80973afd1ded63d9ab65/4181632975-national-rewards-may-june-23-samsung-phone-jpg-1.jpg

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.68.104 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95d0029cbdcf1a2e8b9f17045aac2cf598a2955f36ea5ac3879274dc6f584ae3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/dailytelegraph
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:58 GMT
strict-transport-security: max-age=31536000
via: 1.1 varnish (Varnish/6.0)
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 332454
authorized-request: /1500/0d75703a651361dd3c3ac1189acb6eb5:72ef14dcc89d80973afd1ded63d9ab65/4181632975-national-rewards-may-june-23-samsung-phone-jpg-1.webp
x-clock-cacheable: NO:Cookie
content-length: 29458
x-webworker: active
d-cache: MISS, HIT
last-modified: Sun, 07 May 2023 23:06:54 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jNLmWrNOVnObhKvUIcwsWu406v0nPnEVyWQ0CSkvoSIy9F2Q5ce1OCqn2CLpSIG9HHWpVM1Kz4amf6tmwn4c9IlhomOvOOVG9F7T%2FbPVmInEPPNFV5kuvEokmA%2FPwbn9YDQbRRIee3o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
x-varnish: 94026260
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 7d43b95debe4a883-SYD

GET
H2 200 hit.gif
au-script.dotmetrics.net/ 43 B
1 KB 428ms
427ms Image
image/gif 54.192.150.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://au-script.dotmetrics.net/hit.gif?id=13061&url=https%3A%2F%2Fwww.plusrewards.com.au%2Fdailytelegraph&dom=www.plusrewards.com.au&r=1686254458585&pvs=1&pvid=60e7f892-faff-40ef-94e4-13559313dfe9&c=true&tzOffset=0&doorUrl=http%3a%2f%2fau-script.dotmetrics.net%2fdoor.js%3fid%3d13061
Requested by: Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-4.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:59 GMT
dotmetrics-hit-status: 05 DOMAIN_INVALID
via: 1.1 0513e563e8ed82222d18853f4b40818a.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: SIN2-C1
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type: image/gif
cache-control: no-cache
x-amz-cf-id: LMYc6Nz3xNzVubbyHQrer3k5VH8wcdf9ot0snTQK_8QRgMug_UzWwA==

GET
H2 200 hit.gif
rm-script.dotmetrics.net/ 807 B
1 KB 1554ms
412ms Image
image/gif 13.224.249.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rm-script.dotmetrics.net/hit.gif?id=13061&url=https%3A%2F%2Fwww.plusrewards.com.au%2Fdailytelegraph&dom=www.plusrewards.com.au&r=1686254458585&pvs=1&pvid=60e7f892-faff-40ef-94e4-13559313dfe9&c=true&tzOffset=0
Requested by: Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-127.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 01:46:08 GMT
via: 1.1 7e15719c90fc4193eff06d80a6052924.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 12:25:02 GMT
server: AmazonS3
x-amz-cf-pop: SIN52-C2
age: 65693
x-amz-server-side-encryption: AES256
etag: "e4f758e6322c8f8abfa1f6eba71ee873"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=86400
accept-ranges: bytes
content-length: 807
x-amz-cf-id: 2qdCntXD6ODbgnGFOLwAk_CBZDEO-RdDQjUsP3C4D0rG2JP_NoOa8w==

GET
H2 200 script.js Show response
au-script.dotmetrics.net/Scripts/ 34 KB
14 KB 562ms
562ms Script
application/javascript 54.192.150.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/Scripts/script.js?v=226
Requested by: Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?id=13061
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-4.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: 26587f7d7f7c842e7b454e054f67972ce7314cf87bee34e4bf57d9780691be25

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:59 GMT
content-encoding: br
via: 1.1 0513e563e8ed82222d18853f4b40818a.cloudfront.net (CloudFront)
last-modified: Tue, 06 Jun 2023 09:17:30 GMT
server: Kestrel
x-amz-cf-pop: SIN2-C1
etag: "1d99857b7f47941"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: 61mIEBNArWMhqV8bxUDjB-KGkWE_kX_S0MInGC00SuiD2krr7Ofk-g==

GET
H/1.1 200
OK dest5.html Show response
newscorpau.demdex.net/ Frame 3296 7 KB
3 KB 1316ms
328ms Document
text/html 54.148.193.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.148.193.151 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-148-193-151.us-west-2.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.plusrewards.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-usw2-2-v044-02179b389.edge-usw2.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 8VzFNsKEQBc=
content-encoding: gzip
date: Thu, 8 Jun 2023 20:01:00 GMT
last-modified: Wed, 10 May 2023 10:46:33 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
metrics.plusrewards.com.au/ 48 B
467 B 1014ms
323ms XHR
application/x-javascript 63.140.36.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.plusrewards.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=12925241701733556020520706302661241663&ts=1686254458957

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-117.data.adobedc.net

Software

jag /

Resource Hash

06243512890a6822ed1735c1454f230b6e51557c545493bad557346c668dc01f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.plusrewards.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Thu, 08 Jun 2023 20:00:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.plusrewards.com.au
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=ZIIzfgAAAEUOagN8
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=12901346719318198480518308526939798053
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZIIzfgAAAEUOagN8

42 B
942 B

322ms
322ms

Image
image/gif

52.43.205.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZIIzfgAAAEUOagN8

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

HTTP/1.1

Server

52.43.205.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-205-135.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v044-01b971176.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: DHneZBg1TUs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZIIzfgAAAEUOagN8
Date: Thu, 08 Jun 2023 20:01:02 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
531 B 1208ms
304ms Script
application/javascript 74.125.23.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.plusrewards.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.23.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tg-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 1204ms
302ms Script
application/javascript 64.233.188.154
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.plusrewards.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.188.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tk-in-f154.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:01:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 824 B
825 B 335ms
335ms XHR
text/plain 142.251.8.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1770617841240281&correlator=2934802813011590&hxva=1&scor=4232135807580932&eid=31075062%2C31075145%2C21065725&output=ldjh&gdfp_req=1&vrg=202306050101&ptt=17&impl=fifs&iu_parts=5129%2Cndm.dtm%2Crewards&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=161992567&sfv=1-0-40&ists=1&prev_scp=pos%3D1&eri=1&cust_params=us%3Db%26s%3D0%26kw%3D%26sec1%3Drewards%26ksgmnt%3D%26siteview%3D1%26pagetype%3Doffers%26adl%3Dfalse%26abtest%3Da%26pvid%3D00000000000000000000000000000000-00000000000000000000000000000000-1686254455607-234011&sc=1&cookie_enabled=1&abxe=1&dt=1686254459054&lmt=1686254459&dlt=1686254451659&idt=7048&adxs=0&adys=4656&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.plusrewards.com.au%2Fdailytelegraph&frm=20&vis=1&psz=1600x4656&msz=1600x0&fws=0&ohw=0&ga_vid=341549740.1686254458&ga_sid=1686254458&ga_hid=1186991900&ga_fc=true

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.8.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tb-in-f155.1e100.net

Software

cafe /

Resource Hash

f427505639cffcd00b128547d3bf95f2bd65c790739b92b9559d49e3884c75da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:00:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 448
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.plusrewards.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
c7a3125055c42a03760cef51381defae.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4462 6 KB
3 KB 1261ms
300ms Document
text/html 74.125.204.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c7a3125055c42a03760cef51381defae.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.204.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ti-in-f132.1e100.net

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plusrewards.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 20:01:00 GMT
expires: Fri, 07 Jun 2024 20:01:00 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame 25F4 12 KB
4 KB 341ms
340ms Document
text/html 13.224.249.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.249.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-249-23.sin52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer: https://www.plusrewards.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

age: 3169
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html
date: Thu, 08 Jun 2023 19:08:11 GMT
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified: Tue, 30 May 2023 12:58:59 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 81ed70dd2a5a6558bf4a599e654fd8e0.cloudfront.net (CloudFront)
x-amz-cf-id: iTKNcPWzYEbc_iXcPPHDx36OTHe4XM-Vkao26jfYvB8gLMqLQ49Hrw==
x-amz-cf-pop: SIN52-C2
x-amz-server-side-encryption: AES256
x-amz-version-id: YXhTSJgyKCoiwHpg2kXt.Nw0qbnttgPu
x-cache: Hit from cloudfront

GET
H2 200 SiteEvent.dotmetrics Show response
au-script.dotmetrics.net/ 18 B
1 KB 428ms
428ms Script
application/javascript 54.192.150.4
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTMwNjEsImZsIjp0cnVlLCJkb20iOiJ3d3cucGx1c3Jld2FyZHMuY29tLmF1IiwibHNvIjpudWxsLCJ1cmwiOiJodHRwczovL3d3dy5wbHVzcmV3YXJkcy5jb20uYXUvZGFpbHl0ZWxlZ3JhcGgiLCJydXJsIjoiIiwicHZpZCI6IjYwZTdmODkyLWZhZmYtNDBlZi05NGU0LTEzNTU5MzEzZGZlOSIsInR6T2Zmc2V0IjowLCJvc3MiOnRydWUsIm9zZXMiOnRydWV9&r=1686254459654
Requested by: Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=226
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-4.sin2.r.cloudfront.net
Software: Kestrel /
Resource Hash: 7153de840f0ead8b0b5015d3f47ae25c347476e0a24b851bb5ab0831c58a0226

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:01:00 GMT
content-encoding: br
via: 1.1 0513e563e8ed82222d18853f4b40818a.cloudfront.net (CloudFront)
server: Kestrel
x-amz-cf-pop: SIN2-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: vNLUI8VuBPVmwyE-TQTWLlGWtLTDWRqCS7Zq5K4kEXIP7yfQsIhSSQ==

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame 25F4 44 B
721 B 1250ms
412ms Image
image/gif 3.1.142.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P5A1ABC62-BAAA-43C4-8D63-3665F832DAEE&sessionId=cd1oe6ruqkk8ctmtgkjoxcqbjjcum1686254459&c16=sdkv,bj.6.0.0&uoo=&fp_id=mix2gxxjoryxx2lj4lcx2r5e9wiwz1686254459&fp_cr_tm=1686254459429&fp_acc_tm=1686254459429&fp_emm_tm=1686254459429&ve_id=&c30=bldv,6.0.0.663&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by: Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.1.142.54 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-1-142-54.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 20:01:00 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
cd1oe6ruqkk8ctmtgkjoxcqbjjcum1686254459.nuid.imrworldwide.com/ Frame 25F4 35 B
350 B 1554ms
412ms Image
image/gif 54.192.150.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cd1oe6ruqkk8ctmtgkjoxcqbjjcum1686254459.nuid.imrworldwide.com/
Requested by: Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.150.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-192-150-79.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 22:23:25 GMT
via: 1.1 a84eb604396158af577c875ac569048a.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-C1
age: 86124
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
accept-ranges: bytes
content-length: 35
x-amz-cf-id: lTLfsKszryvGhaH_fU-qJuFW2_YJaLJB6Ala0uPoCW6SVhSlm-SwaQ==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 331ms
331ms XHR
application/json 52.43.205.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=12925241701733556020520706302661241663&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&ts=1686254459974

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.43.205.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-205-135.us-west-2.compute.amazonaws.com

Software

Resource Hash

b4c273fb3d5f9f1041c7f7c381c954fcc08a71c9f896ecf36e8b7044f046d4a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.plusrewards.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-usw2-2-v044-0f76c4d80.edge-usw2.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: EaLRCKBlRO0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.plusrewards.com.au
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1562
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=5061789209107464973
dpm.demdex.net/ Frame 3296
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5061789209107464973

42 B
942 B

455ms
330ms

Image
image/gif

52.43.205.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=5061789209107464973

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

HTTP/1.1

Server

52.43.205.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-205-135.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v044-057559358.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: c7tMxMWsQbU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Thu, 08 Jun 2023 20:01:01 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 66.203.112.167; 66.203.112.167; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: a47d6c07-5bc2-4dca-9a76-227f9762fded
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=5061789209107464973
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 s45661055030589 Show response
metrics.plusrewards.com.au/b/ss/newscorpau-teleweb,newscorpau-global/10/JS-2.22.4/ 5 KB
5 KB 335ms
334ms Script
application/x-javascript 63.140.36.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.plusrewards.com.au/b/ss/newscorpau-teleweb,newscorpau-global/10/JS-2.22.4/s45661055030589?AQB=1&ndh=1&pf=1&callback=s_c_il[0].doPostbacks&et=1&t=8%2F5%2F2023%2020%3A1%3A0%204%200&d.&nsid=0&jsonv=1&.d&mid=12925241701733556020520706302661241663&aamlh=9&ce=UTF-8&ns=newscorpau&cdp=3&pageName=dt%7Crewards%7Coffers%7Crewards%20offers&g=https%3A%2F%2Fwww.plusrewards.com.au%2Fdailytelegraph&c.&getNewRepeat=3.0&getTimeSinceLastVisit=2.0&getPreviousValue=3.0&getPercentPageViewed=5.0.1&getTimeParting=6.3&.c&cc=AUD&ch=D%3Dv4&events=event1%2Cevent8%2Cevent63%3D66&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cdaily%20telegraph%7Cdaily%20telegraph%20web%7Crewards&c2=D%3Dv2&v2=daily%20telegraph&c3=D%3Dv3&v3=daily%20telegraph%20web&c4=D%3Dv4&v4=rewards&c9=D%3Dv9&v9=offers&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c22=D%3Dv22&v22=6%3A01%20AM%7CFriday&c24=D%3Dv24&v24=New&c30=New%20Visitor&v34=D%3Dg&c45=landscape&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&c60=D%3Dv60&v60=66&c65=D%3Dv65&v65=false&c75=D%3Dv80&v76=chrome%20pdf%20plugin%3Bchrome%20pdf%20viewer%3Bnative%20client&v77=D%3Dmid&v78=au%7Cnsw%7Csydney%7C-33.88%7C151.22%7Cgmt%2B10%7Cunknown&v79=au&v80=00000000000000000000000000000000-00000000000000000000000000000000-1686254455607-234011&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

63.140.36.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-36-117.data.adobedc.net

Software

jag /

Resource Hash

778bd4d36ee94265b445599544095292843489f07e19cb6611ec21910ec81a22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-aam-tid: Sgd89hegSA8=
date: Thu, 08 Jun 2023 20:01:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 5021
x-xss-protection: 1; mode=block
dcs: dcs-prod-usw2-1-v044-01e610fe2.edge-usw2.demdex.com 6 ms
pragma: no-cache
last-modified: Fri, 09 Jun 2023 20:01:00 GMT
server: jag
etag: 3621203879341457408-4619728787908357489
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Wed, 07 Jun 2023 20:01:00 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=8382666099272121344
dpm.demdex.net/ Frame 3296
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=8382666099272121344

42 B
942 B

324ms
324ms

Image
image/gif

52.43.205.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=8382666099272121344

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

HTTP/1.1

Server

52.43.205.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-205-135.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v044-0a20a0f54.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: p+VDQWj+Sr4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=8382666099272121344
pragma: no-cache
date: Thu, 08 Jun 2023 20:01:01 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 3296 0
718 B 1415ms
336ms Image
text/plain 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=12901346719318198480518308526939798053&gdpr=0&gdpr_consent=
Requested by: Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: d264e84c9dc1a645a3048554992c5d82
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEEMf-eeTNXGBMutmJrSun1I&google_cver=1
dpm.demdex.net/ Frame 3296
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTI5MDEzNDY3MTkzMTgxOTg0ODA1MTgzMDg1MjY5Mzk3OTgwNTM=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEMf-eeTNXGBMutmJrSun1I&google_cver=1?gdpr=0&gdpr_consent=

42 B
943 B

331ms
331ms

Image
image/gif

52.43.205.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEMf-eeTNXGBMutmJrSun1I&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

HTTP/1.1

Server

52.43.205.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-205-135.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v044-07a6e78a4.edge-usw2.demdex.com 10 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ok5b2OFpT6I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 20:01:01 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEEMf-eeTNXGBMutmJrSun1I&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=795ca62c-1158-48aa-bbb7-b88307218f7d
dpm.demdex.net/ Frame 3296
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.plusrewards.com.au&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&domain=www.plusrewards.com.au&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=795ca62c-1158-48aa-bbb7-b88307218f7d

42 B
942 B

334ms
334ms

Image
image/gif

52.43.205.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=795ca62c-1158-48aa-bbb7-b88307218f7d

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

HTTP/1.1

Server

52.43.205.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-205-135.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v044-05bc02e6b.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: i24vt7FaTkk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Thu, 08 Jun 2023 20:01:01 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=795ca62c-1158-48aa-bbb7-b88307218f7d
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 189

GET
H2 500 usersync.html
image5.pubmatic.com/AdServer/usersync/ Frame 3296 0
0 1034ms
352ms Image
text/html 23.207.180.199
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
Requested by: Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.207.180.199 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-180-199.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H/1.1

200
OK

ibs:dpid=23728&dpuuid=ZIIzfpt74ggyRyWVvTnCtAAA%264857
dpm.demdex.net/ Frame 3296
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZIIzfpt74ggyRyWVvTnCtAAA%264857

42 B
942 B

325ms
325ms

Image
image/gif

52.43.205.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZIIzfpt74ggyRyWVvTnCtAAA%264857

Protocol

HTTP/1.1

Server

52.43.205.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-205-135.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v044-014084451.edge-usw2.demdex.com 7 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: KbfTbtVLSEU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 20:01:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZIIzfpt74ggyRyWVvTnCtAAA%264857
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

ibs:dpid=30432&dpuuid=CI-87073e4745fb36fd1f73de58c26c9c5d
dpm.demdex.net/ Frame 3296
Redirect Chain

https://dt.scanscout.com/ssframework/uid?UIAA=12901346719318198480518308526939798053&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-87073e4745fb36fd1f73de58c26c9c5d

42 B
942 B

332ms
331ms

Image
image/gif

52.43.205.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-87073e4745fb36fd1f73de58c26c9c5d

Requested by

Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph

Protocol

HTTP/1.1

Server

52.43.205.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-205-135.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v044-07d45fc77.edge-usw2.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: IZ3UlSeyS+c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-87073e4745fb36fd1f73de58c26c9c5d
Date: Thu, 08 Jun 2023 20:01:01 GMT
useSecure: true
Server: openresty/1.19.9.1
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 3296
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=12901346719318198480518308526939798053&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://ps.eyeota.net/match/bounce/?bid=6j5b2cv&uid=12901346719318198480518308526939798053&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
960 B

321ms
321ms

Image
image/gif

52.43.205.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

HTTP/1.1

Server

52.43.205.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-205-135.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-2-v044-00bfed226.edge-usw2.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: XieZQK+hQYg=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 303,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Thu, 08 Jun 2023 20:01:03 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3296
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=12901346719318198480518308526939798053
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=12901346719318198480518308526939798053

0
337 B

962ms
318ms

Image
text/plain

44.226.10.111
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=12901346719318198480518308526939798053
Protocol: H2
Server: 44.226.10.111 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-226-10-111.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-served-by: beacon-n003-pdx-prod.krxd.net
date: Thu, 08 Jun 2023 20:01:03 GMT
cache-control: private, no-cache, no-store
x-request-time: D=41 t=1686254463
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=12901346719318198480518308526939798053
date: Thu, 08 Jun 2023 20:01:02 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a014-ash-prod.krxd.net

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame 3296
Redirect Chain

https://tags.bluekai.com/site/43981?id=12901346719318198480518308526939798053&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

42 B
960 B

320ms
319ms

Image
image/gif

52.43.205.135
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Protocol

HTTP/1.1

Server

52.43.205.135 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-43-205-135.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

DCS: dcs-prod-usw2-1-v044-0fbcb03c0.edge-usw2.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: h6McPUi1QBI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 303,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
date: Thu, 08 Jun 2023 20:01:02 GMT
server-timing: ak_p; desc="1686254462343_1611772965_224744060_18430_547_332_340_146";dur=1
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3296
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WklJemZnQUFBWVZuYVFCUg==&_test=ZIIzfgAAAYVnaQBR

170 B
243 B

302ms
301ms

Image
image/png

142.250.157.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WklJemZnQUFBWVZuYVFCUg==&_test=ZIIzfgAAAYVnaQBR

Protocol

Server

142.250.157.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ta-in-f155.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 20:01:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-bfi-kbfi7400107-BFI
pragma: no-cache
date: Thu, 08 Jun 2023 20:01:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1686254463.067738,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WklJemZnQUFBWVZuYVFCUg==&_test=ZIIzfgAAAYVnaQBR
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ 44 B
597 B 413ms
413ms Image
image/gif 3.1.142.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b09_dailytelegraph_S&asn=dailytelegraph&fp_id=mix2gxxjoryxx2lj4lcx2r5e9wiwz1686254459&fp_cr_tm=1686254459429&fp_acc_tm=1686254459429&fp_emm_tm=1686254459429&ve_id=&sessionId=cd1oe6ruqkk8ctmtgkjoxcqbjjcum1686254459&prv=1&c6=vc,b09&ca=NA&c13=asid,P5A1ABC62-BAAA-43C4-8D63-3665F832DAEE&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,ykb9yslctdh1x6ieqmg3fph3wui6d1686254459&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16862544594231679&c30=bldv,6.0.0.663&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1686254456739&c3=st,c&c64=starttm,1686254460&adid=1686254456739&c58=isLive,false&c59=sesid,&c61=createtm,1686254460&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.plusrewards.com.au%2Fdailytelegraph&c66=mediaurl,&sdd=&c62=sendTime,1686254460&rnd=612659
Requested by: Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.1.142.54 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-1-142-54.ap-southeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 20:01:01 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 3296
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=ZIIzfgAGFCxRKABI
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZIIzfgAGFCxRKABI&expires=90&_test=ZIIzfgAGFCxRKABI

42 B
797 B

1414ms
334ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZIIzfgAGFCxRKABI&expires=90&_test=ZIIzfgAGFCxRKABI
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-bfi-kbfi7400107-BFI
pragma: no-cache
date: Thu, 08 Jun 2023 20:01:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1686254463.068559,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=ZIIzfgAGFCxRKABI&expires=90&_test=ZIIzfgAGFCxRKABI
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3296
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZIIzfgAAAEUOagN8
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZIIzfgAAAEUOagN8&C=1

43 B
766 B

489ms
488ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=ZIIzfgAAAEUOagN8&C=1
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 20:01:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 20:01:04 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=88&external_user_id=ZIIzfgAAAEUOagN8&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 3296
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=ZIIzfgAAAEUOagN8

43 B
1 KB

304ms
304ms

Image
image/gif

104.254.151.68
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=ZIIzfgAAAEUOagN8

Protocol

HTTP/1.1

Server

104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 08 Jun 2023 20:01:03 GMT
AN-X-Request-Uuid: 4f2347ca-4176-4b24-995e-8f33b09702c1
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 66.203.112.167; 66.203.112.167; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-bfi-kbfi7400107-BFI
pragma: no-cache
date: Thu, 08 Jun 2023 20:01:02 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1686254463.790666,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=ZIIzfgAAAEUOagN8
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 3296
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=ZIIzfgAGFCxRKABI
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZIIzfgAGFCxRKABI

43 B
180 B

265ms
264ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZIIzfgAGFCxRKABI
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 20:01:04 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=ZIIzfgAGFCxRKABI
date: Thu, 08 Jun 2023 20:01:04 GMT
via: 1.1 google
server: OXGW/0.0.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3296
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZIIzfgAGFCxRKABI

1 B
453 B

1526ms
334ms

Image
text/html

207.65.33.82

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZIIzfgAGFCxRKABI
Protocol: H2
Server: 207.65.33.82 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Thu, 08 Jun 2023 20:01:05 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-bfi-kbfi7400107-BFI
pragma: no-cache
date: Thu, 08 Jun 2023 20:01:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1686254464.509121,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=ZIIzfgAGFCxRKABI
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 3296
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZIIzfgAGFCxRKABI&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZIIzfgAGFCxRKABI&img=1&__user_check__=1&sync_id=33cce126-0637-11ee-b402-12ab75a30107

43 B
548 B

337ms
336ms

Image
image/gif

103.71.26.125

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=ZIIzfgAGFCxRKABI&img=1&__user_check__=1&sync_id=33cce126-0637-11ee-b402-12ab75a30107
Protocol: HTTP/1.1
Server: 103.71.26.125 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Date: Thu, 08 Jun 2023 20:01:06 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 29
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 08 Jun 2023 20:01:05 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6409&uid=ZIIzfgAGFCxRKABI&img=1&__user_check__=1&sync_id=33cce126-0637-11ee-b402-12ab75a30107
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 61
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 3296
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZIIzfgAGFCxRKABI&t=2592000&o=0

43 B
830 B

499ms
499ms

Image
image/gif

157.240.235.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZIIzfgAGFCxRKABI&t=2592000&o=0

Protocol

Server

157.240.235.35 , Singapore, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-04-sin6.facebook.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 13:01:04 PDT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: 7Gin6CFk2V0x9qYrIZnjzxA8jICag74reANwQ9M5nSS9TqwpvViFualcfICKN+NfqonPVYwvAig/TkUCdvU3FQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Thu, 08 Jun 2023 13:01:04 PDT

Redirect headers

x-served-by: cache-bfi-kbfi7400107-BFI
pragma: no-cache
date: Thu, 08 Jun 2023 20:01:03 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1686254464.838209,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=ZIIzfgAGFCxRKABI&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame 3296 43 B
374 B 1497ms
369ms Image
image/gif 151.101.129.44

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Requested by: Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-vcl-time-ms: 50
pragma: no-cache
date: Thu, 08 Jun 2023 20:01:05 GMT
via: 1.1 varnish
x-served-by: cache-bfi-krnt7300105-BFI
server: nginx
x-timer: S1686254465.008610,VS0,VE50
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 0
sync.1rx.io/usersync/adobe/ Frame 3296 0
99 B 1202ms
313ms Image
text/plain 74.118.186.107

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
Requested by: Host: www.plusrewards.com.au
URL: https://www.plusrewards.com.au/dailytelegraph
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 74.118.186.107 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 08 Jun 2023 20:01:05 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0

GET
H2 200 generic1682908500556.js Show response
nebula-cdn.kampyle.com/au/wau/132224/onsite/ 497 KB
89 KB 306ms
306ms Script
application/javascript 151.101.193.175
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://nebula-cdn.kampyle.com/au/wau/132224/onsite/generic1682908500556.js

Requested by

Host: nebula-cdn.kampyle.com
URL: https://nebula-cdn.kampyle.com/au/wau/132224/onsite/embed.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.175 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a7de4438ab82b711c5099dd9c757e54eb65222316a3c15d18dbc2aa268660ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-amz-version-id: EgRnU7PzhYIDYvzV5S2EGq_7NKTY_Sh0
content-encoding: gzip
via: 1.1 varnish
date: Thu, 08 Jun 2023 20:01:02 GMT
strict-transport-security: max-age=31557600
x-amz-request-id: 50HHNT41CXZR9NMX
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 90932
x-amz-id-2: oj/FwlKtpDuFe2gjpxSqu8x/IUwN3/ndEGCzBq9xWnYmeqNpWvNKNl62NV0lEkpmX5roENDy0hk=
x-served-by: cache-bfi-kbfi7400021-BFI
last-modified: Mon, 01 May 2023 02:35:01 GMT
server: AmazonS3
x-timer: S1686254463.823039,VS0,VE0
etag: "796c9ef1903b5217456928fdec376d3f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
x-cache-hits: 81

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 1210ms
309ms XHR
application/json 74.125.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202306050101&st=env

Requested by

Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.26.4/raven.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ti-in-f155.1e100.net

Software

cafe /

Resource Hash

b3f88f66314536598a572bff96b02e95967d41f1fcb1b3bbafa84b00657242e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:01:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11278
x-xss-protection: 0

GET
H2 200 __cool.gif
udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/ 0
318 B 722ms
377ms Image
image/gif 35.241.45.82
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://udc-neb.kampyle.com/egw/5/qceuv8449dzg58ptt1bhda9g8ue19c7s/track/__cool.gif?data=eyJldmVudHMiOiBbCiAgICB7InNlc3Npb25fc2NyZWVuX3NpemUiOiAiMTYwMHgxMjAwIiwic2Vzc2lvbl9kdWEiOiAiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzExNC4wLjU3MzUuMTA2IFNhZmFyaS81MzcuMzYiLCJzZXNzaW9uX3BsYXRmb3JtIjogIldpbjMyIiwicGFnZV90aXRsZSI6ICJIb21lIHwgK1Jld2FyZHMiLCJwYWdlX3VybCI6ICJodHRwczovL3d3dy5wbHVzcmV3YXJkcy5jb20uYXUvZGFpbHl0ZWxlZ3JhcGgiLCJ0cmFja2VyX3R5cGUiOiAiamF2YXNjcmlwdCIsInRyYWNrZXJfdmVyc2lvbiI6ICIyLjIuMjMiLCJldmVudF9uYW1lIjogIm5lYnVsYV9wYWdlX3ZpZXciLCJldmVudF90aW1lc3RhbXBfZXBvY2giOiAiMTY4NjI1NDQ2MzQ1OSIsImV2ZW50X3RpbWV6b25lX29mZnNldCI6IDAsInVzZXJfaWQiOiAiMTg4OWM5OTI5ZDc1NWEtMDhiMmU1OWQyNjlmMGYtNjMzZDUwNTQtMWQ0YzAwLTE4ODljOTkyOWQ4ZDc1IiwiZW52aXJvbWVudCI6ICJkaWdpdGFsLWNsb3VkLXN5ZDEiLCJhY2NvdW50SWQiOiAxMzIyMjIsInVybCI6ICJodHRwczovL3d3dy5wbHVzcmV3YXJkcy5jb20uYXUvZGFpbHl0ZWxlZ3JhcGgiLCJ3ZWJzaXRlSWQiOiAxMzIyMjQsImZvcm1JZCI6IG51bGwsImZvcm1UcmlnZ2VyVHlwZSI6IG51bGwsImthbXB5bGVfZGF0YSI6IHsibWRfaXNTdXJ2ZXlTdWJtaXR0ZWRJblNlc3Npb24iOiAiIiwiTEFTVF9JTlZJVEFUSU9OX1ZJRVciOiAiIiwiREVDTElORURfREFURSI6ICIiLCJrYW1weWxlSW52aXRlUHJlc2VudGVkIjogIiIsImthbXB5bGVfdXNlcmlkIjogIjExYWQtZmI3Mi1lMzFhLWFhNzMtMzkxZS00OTc4LTA2YTktNjRiMyIsImthbXB5bGVVc2VyU2Vzc2lvbiI6ICIxNjg2MjU0NDYzNDU1Iiwia2FtcHlsZVVzZXJQZXJjZW50aWxlIjogIiIsIlNVQk1JVFRFRF9EQVRFIjogIiJ9LCJjb29raWVfc2l6ZSI6IDIwMjEsImthbXB5bGVfdmVyc2lvbiI6ICIyLjUwLjIiLCJvbnNpdGVfdmVyc2lvbiI6ICIyLjUwLjIiLCJoaXN0b3J5X2xlbmd0aCI6IDIsImV2ZW50X2xvY2FsX3RpbWVzdGFtcCI6IDE2ODYyNTQ0NjM0NTksInBvc2l0aW9uIjogbnVsbCwiaXNVc2VySWRlbnRpZmllZCI6IGZhbHNlfQpdfQ==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.82 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 82.45.241.35.bc.googleusercontent.com
Software: Jetty(9.2.11.v20150529) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

x-me: prod-instance-gatewayservice-green-xsj2
date: Thu, 08 Jun 2023 20:01:04 GMT
via: 1.1 google
server: Jetty(9.2.11.v20150529)
access-control-max-age: 1800
access-control-allow-methods: GET, POST, PUT, DELETE
content-type: image/gif; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
alt-svc: clear
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept
content-length: 0
x-application-context: application:9090

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 1228ms
300ms Script
text/javascript 142.251.8.132

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202306050101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.8.132 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:01:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 20:01:05 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 166D 13 KB
5 KB 302ms
298ms Document
text/html 142.251.8.132

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.8.132 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.plusrewards.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 512432
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Jun 2023 21:40:33 GMT
expires: Sat, 01 Jun 2024 21:40:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3DC4 783 B
1 KB 1202ms
303ms Document
text/html 64.233.188.147

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.188.147 -, , ASN (),

Reverse DNS

Software

GSE /

Resource Hash

7295c7595bf32c6896fd62293cafaca7fb591ed365122ef8286fc89a51658a22

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6_I8YRTHtpXIgjfSHESUaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.plusrewards.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-6_I8YRTHtpXIgjfSHESUaQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 08 Jun 2023 20:01:06 GMT
expires: Thu, 08 Jun 2023 20:01:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js Show response
pagead2.googlesyndication.com/bg/ Frame 166D 37 KB
15 KB 1497ms
298ms Script
text/javascript 74.125.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/F23xA4-E8U0dLsM7Ua-M74A0tuvycQb5txb3FNVg6II.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.204.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ti-in-f155.1e100.net

Software

sffe /

Resource Hash

176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Wed, 07 Jun 2023 08:05:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 129340
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14698
x-xss-protection: 0
last-modified: Mon, 05 Jun 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Jun 2024 08:05:26 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3DC4 0
0 656ms
354ms Image
text/html 74.125.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202306050101&jk=1770617841240281&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.204.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ti-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 166D 0
40 B 298ms
297ms Image
text/plain 142.251.8.132

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?W9iz4w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.8.132 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

date: Thu, 08 Jun 2023 20:01:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 303ms
302ms Image
text/html 74.125.204.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202306050101&jk=1770617841240281&bg=!5Oel57PNAAaGYqkwpmI7ADkAdvg8WoeIGNOVcT8nB0b1hPFIKAAAPidBeqMnfeHC14bRh9Kc7V4d-GNMTCc2-eZcGuxKPLeg0_oCAAAAYFIAAAAGaAEHCgCAD8p2FyTBbrbFnxHdBk4XBvzIcc81-437BTrkVJcM0VrFilPxGEN7fH9fwC149AAONShY0JWMHUATw0YleW_oV9gsy3Rv2XMvWG6CTQbdeK-urK5Vu2nTwp2zpwmeNuFN_IeIeMMKzsTLSFTDkFWqx_KEnzY-KkE_7KgMcZ_qEVSZAvTqsPG8fXMrEN17N48l_OINRrptYU4exlQ6864px-hXmRVILnep0eSviZCAqDMLIqrtN-2ZJvyydSLTBAWarq2GZwVXRLnPtcus8PyiJsWwgo_QzMuAWlwagnW9FokIPAOK47dYswpYNhOw13SVGN_X4QFuyZobrCcQua8VLNm6fmI_YdEP4UFh4ipRm0ihBmwozMdJVCJJs6mOfgbFB-aN_5VmAvp9eL5Ttk7JrC73v2Buc_gaRMrI_87apJkNs3Btzo1HQDRbVvxNvYDcx3EeXa3TppJOBCKaOW2U3xt_5m_qJzX4sAvltOR85lqXo5OTmo2hGtkoQVNfl-YFTr9sUIMOKk8Z7RT_t1Maosmyf9rUgGJilJY1VEWdsI__Czgq1kMLIUa8uOJKngMctXDfRn156uNgoGgFHSvW-74AvcQlNEhFqhPcbtE0O22Ye7e38_sO8vtAo4bUIOFzP_Leu2yZDenaMbR8Ummg_C7hnZ4OmsIJsJ-N7lq4CzMqnaKWnvb0tJBLWkPad2zJd3ePQqmrI5jG2VGX7bnbQkTCG92NtBMizLZyPHRrx9qc14mHutI21mnk4KNFHAnHJTrz91_-P4zG-B2wy7xT8V-OBanz4h_rKnZLtRQkGcknYYjWs_ZtjtMlCNXH1oBUxPhNya2Co6StHJ1K6juEoiLx7yKX3P1CIUk7MV-Hra399IfygjrQPYlDcVl5rIUJV-0nQK2QBAqKMhpBG6R-C7OJqhKrH-Eu6sw4WU2aSRfcV2XtdUu8ga5LpxIzeOjV6x8-h3BEaeIxQY2IiErct235Y9l2ao2dayOPvIEeGV5nHRNiPlAC1Mh08bQ9hp-SYiYtpmK8MsHOJKVLNy6QWSVeuUySId2qJXhgYOWSneMqaMVLCXtEtV_qYtg5HaZrq9AJrLt4jn9xT3rhUSX2bJrorYWU7Bn_adH1nCJcOJP4yDLTeAyd6-7YowiIJ9V7z8rf5ERfd-C-zBxt-RYFOCzUGptiXqc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.204.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: ti-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.plusrewards.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.106 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/akam/13/3ef652fa

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/bbjKn5a9/Gmi/6Tk/5oq5vT4igr/5cEDQfG4cV/Yy41AxIr/IS05EhQ/EJRo

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/_sec/cp_challenge/sec-3-10.css

Domain: login.newscorpaustralia.com
URL: https://login.newscorpaustralia.com/_sec/cp_challenge/sec-cpt-3-10.js

Verdicts & Comments Add Verdict or Comment

139 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

66 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.plusrewards.com.au/	1970-01-20 12:24:46	Name: lastVisitedInstance Value: %2Fdailytelegraph
www.plusrewards.com.au/	1969-12-31 23:59:59	Name: smoothscroll Value: true
.plusrewards.com.au/	1970-01-20 21:09:50	Name: utag_main Value: v_id:01889c9905f6001b05db4922b9db03074002d06c00b08$_sn:1$_se:1$_ss:1$_st:1686256254263$ses_id:1686254454263%3Bexp-session$_pn:1%3Bexp-session
.plusrewards.com.au/	1970-01-20 14:33:50	Name: _fbp Value: fb.2.1686254455673.2076105885
bs.serving-sys.com/	1969-12-31 23:59:59	Name: OT_9625 Value: 1
.serving-sys.com/	1970-01-20 13:07:26	Name: OT2 Value: 0002mp1sM4
.serving-sys.com/	1970-01-20 13:07:26	Name: u2 Value: f1097527-9562-4479-a36c-36d82851e1aa4MY050
.plusrewards.com.au/	1970-01-20 22:00:14	Name: __utma Value: 215327702.341549740.1686254458.1686254458.1686254458.1
.plusrewards.com.au/	1969-12-31 23:59:59	Name: __utmc Value: 215327702
.plusrewards.com.au/	1970-01-20 16:47:02	Name: __utmz Value: 215327702.1686254458.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.plusrewards.com.au/	1970-01-20 12:24:15	Name: __utmt Value: 1
.plusrewards.com.au/	1970-01-20 12:24:16	Name: __utmb Value: 215327702.1.10.1686254458
login.newscorpaustralia.com/	1970-01-20 21:10:12	Name: did Value: s%3Av0%3A2f4eb7c0-0637-11ee-ab9e-57e012bbd304.%2F3dC1gwu1pSD6XgpaSqQUwilEyd18XNnamOWVdu4PDQ
.demdex.net/	1970-01-20 16:43:26	Name: demdex Value: 12901346719318198480518308526939798053
.plusrewards.com.au/	1969-12-31 23:59:59	Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg Value: 1
.dotmetrics.net/	1970-01-20 21:09:50	Name: DotMetrics.DeviceKey Value: DeviceID=
.dotmetrics.net/	1970-01-20 21:09:50	Name: DotMetrics.UniqueUserIdentityCookie Value: UserID=16233a92-46fb-4282-b7cb-8d805ee95cca&Created=06/08/2023 20:00:59&UserMode=0&guid=2360248c-e874-4921-ac68-00ec2583ae64&ver=1
.plusrewards.com.au/	1970-01-20 21:45:50	Name: __gads Value: ID=6646c60af3d9ce67:T=1686254459:RT=1686254459:S=ALNI_MZGUXz5109_aKbvf-nxJiGmIw-eTg
.plusrewards.com.au/	1970-01-20 21:45:50	Name: __gpi Value: UID=00000c110eb56c08:T=1686254459:RT=1686254459:S=ALNI_MY6OQC3jmoJ3dRGXEeSA39zphXctw
.plusrewards.com.au/	1970-01-20 16:43:26	Name: nol_fpid Value: mix2gxxjoryxx2lj4lcx2r5e9wiwz1686254459\|1686254459429\|1686254459429\|1686254459429
www.plusrewards.com.au/	1969-12-31 23:59:59	Name: DM_SitId1556 Value: 1
www.plusrewards.com.au/	1969-12-31 23:59:59	Name: DM_SitId1556SecId13061 Value: 1
.plusrewards.com.au/	1970-01-20 22:00:14	Name: s_ecid Value: MCMID%7C12925241701733556020520706302661241663
.plusrewards.com.au/	1970-01-20 12:24:16	Name: s_tbm Value: true
.plusrewards.com.au/	1970-01-20 13:07:26	Name: s_nr30 Value: 1686254460311-New
.plusrewards.com.au/	1970-01-20 22:00:14	Name: s_tslv Value: 1686254460311
.plusrewards.com.au/	1970-01-20 12:24:16	Name: s_inv Value: 0
.plusrewards.com.au/	1970-01-20 12:24:16	Name: s_ppn Value: dt%7Crewards%7Coffers%7Crewards%20offers
.plusrewards.com.au/	1969-12-31 23:59:59	Name: s_ips Value: 1200
.plusrewards.com.au/	1969-12-31 23:59:59	Name: s_tp Value: 4656
.plusrewards.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: dt%257Crewards%257Coffers%257Crewards%2520offers%2C26%2C26%2C1200%2C1%2C3
.plusrewards.com.au/	1969-12-31 23:59:59	Name: s_cc Value: true
.plusrewards.com.au/	1970-01-20 13:07:26	Name: nc_aam_segs Value: asgmnt%3D17407659%2C16675898
.plusrewards.com.au/	1970-01-20 13:07:26	Name: test_cookie Value: seg%3D12694526
.plusrewards.com.au/	1970-01-20 13:07:26	Name: aam_uuid Value: 12901346719318198480518308526939798053
au-script.dotmetrics.net/	1970-01-20 12:34:19	Name: AWSALBCORS Value: dR3AUkX7w+SWOHnHkh+uxSDBbnGzgjYQ95NbXs/FRr6byA6UyMl7NvtwwCGx4u0tTTQXFglIkY6PgPqEJ8SeR0DkIr4FC/ie7OjsEX0IRLfv0ieYFkG4AKvVD3VI
.imrworldwide.com/	1970-01-20 21:45:50	Name: IMRID Value: 30ea8d71-0637-11ee-a489-6f6f399dad80
.adsrvr.org/	1970-01-20 21:11:16	Name: TDID Value: 795ca62c-1158-48aa-bbb7-b88307218f7d
.adnxs.com/	1970-01-20 14:33:50	Name: uuid2 Value: 5061789209107464973
.adsrvr.org/	1970-01-20 21:11:16	Name: TDCPM Value: CAESEgoDYWFtEgsIsoe12qOZ9DsQBRgFIAEoAjILCIKH84W6mfQ7EAU4AQ..
.doubleclick.net/	1970-01-20 22:00:14	Name: IDE Value: AHWqTUmbA74M18D6Ly8q-RQ_yBHhnqy-NUPPKxUSZp5uyc5-Hsp3x6fqPr_PYtZPfNc
.dpm.demdex.net/	1970-01-20 16:43:26	Name: dpm Value: 12901346719318198480518308526939798053
.rubiconproject.com/	1970-01-20 21:09:50	Name: khaos Value: LINKD9V4-1S-AHIK
.rubiconproject.com/	1970-01-20 21:09:50	Name: audit Value: 1\|NWLvmbElhoEfTjaAwCUwdY1R2KA/JCyneI13IFtRwIdrLxq/6nQ6FTOOa1QZWZFt3wkpis6FfmRBK03vAHceEOzJ7rckCi5uiztIciDZSx0ZWbjVBWRnb1zmgxEl5GZj9J4yLHpSW8T0Rq7kiaZTevsScOy9Ig265cmAxi7+9V1o8946LEpae9kIb4G5wtpyAWUOhSrDlPzc6UO785F0Pw==
.scanscout.com/	1970-01-20 21:09:50	Name: uid Value: CI-87073e4745fb36fd1f73de58c26c9c5d
.scanscout.com/	1970-01-20 21:09:50	Name: UIAA Value: 12901346719318198480518308526939798053
.scanscout.com/	1970-01-20 21:09:50	Name: UIXX_UPDT Value: "UIAA=1686254461954"
.turn.com/	1970-01-20 16:43:26	Name: uid Value: 8382666099272121344
.demdex.net/	1970-01-20 16:43:26	Name: dextp Value: 358-1-1686254460297\|470-1-1686254460398\|481-1-1686254460499\|771-1-1686254460600\|903-1-1686254460701\|19566-1-1686254460802\|23728-1-1686254460903\|30432-1-1686254461004\|30064-1-1686254461105\|66757-1-1686254461206\|134096-1-1686254461307\|144230-1-1686254461408\|144231-1-1686254461509\|144232-1-1686254461609\|144233-1-1686254461711\|144234-1-1686254461812\|144235-1-1686254461912\|144236-1-1686254462013\|144237-1-1686254462114\|147592-1-1686254462215\|461447-1-1686254462316
.plusrewards.com.au/	1970-01-20 22:00:14	Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: -637568504%7CMCIDTS%7C19517%7CMCMID%7C12925241701733556020520706302661241663%7CMCAAMLH-1686859260%7C9%7CMCAAMB-1686859260%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCCIDH%7C0%7CMCOPTOUT-1686261660s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19524%7CvVersion%7C5.1.1
.casalemedia.com/	1970-01-20 21:09:50	Name: CMID Value: ZIIzfpt74ggyRyWVvTnCtAAA
.casalemedia.com/	1970-01-20 14:33:50	Name: CMPS Value: 4857
.casalemedia.com/	1970-01-20 14:33:50	Name: CMPRO Value: 4857
.everesttech.net/	1970-01-20 21:09:50	Name: everest_g_v2 Value: g_surferid~ZIIzfgAGFCxRKABI
.bluekai.com/	1970-01-20 16:47:45	Name: bku Value: pSL99cTpQZHV/UGI
.bluekai.com/	1970-01-20 16:47:45	Name: bkpa Value: KJy9CxObd02pSUHknpxpmEQhwtkAwEW0mE9h1pxtBpW81pWT1EATBeQyBEWT1p9TBE/tmE18BpAT1eDpJ7Jkjsk0wVC65cOpJEBOJEJsJEJsjcO+nZHkqVHkKY8rjUxk1AjoR71k16aAzskAJEBW1E161eAtJE/tjcON5VkAJEBWJE/6U6JnUNPPuDxe9ehLJnA=
.eyeota.net/	1970-01-20 21:11:16	Name: mako_uid Value: 1889c9927b5-5f3d0000010841bb
.eyeota.net/	1970-01-20 12:24:15	Name: SERVERID Value: 16827~DM
.adnxs.com/	1970-01-20 14:33:50	Name: anj Value: dTM7k!M4.FErk#WF']wIg2InAr+3U#!]tbPl1MwL(!R7qUY%j8F5w0LYWJX#[12=kX:y+aF/x]y/X%W#.wL5oa9/sZwfzrVL%(+:TWBCu(lOfM!wwYD*u6nA
www.plusrewards.com.au/	1970-01-20 21:09:50	Name: mdLogger Value: false
www.plusrewards.com.au/	1970-01-20 21:09:50	Name: kampyle_userid Value: 11ad-fb72-e31a-aa73-391e-4978-06a9-64b3
www.plusrewards.com.au/	1970-01-20 21:09:50	Name: kampyleUserSession Value: 1686254463455
www.plusrewards.com.au/	1970-01-20 21:09:50	Name: kampyleUserSessionsCount Value: 1
www.plusrewards.com.au/	1970-01-20 21:09:50	Name: kampyleSessionPageCounter Value: 1
.krxd.net/	1970-01-20 16:43:26	Name: _kuid_ Value: PmobWqL1
.openx.net/	1970-01-20 21:09:50	Name: i Value: c8d48a48-bb2f-4c28-a102-97afa7a3a357\|1686254464

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: [Report Only] Refused to frame 'https://login.newscorpaustralia.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'self'".
network	error	URL: https://login.newscorpaustralia.com/csp-reports Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID Message: Failed to load resource: the server responded with a status of 500 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src * 'unsafe-eval' 'unsafe-inline'; object-src 'none'; frame-ancestors 'self' https://myaccount.news.com.au https://myaccount.news.com.au
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.com.au
au-script.dotmetrics.net
beacon.krxd.net
bs.serving-sys.com
c7a3125055c42a03760cef51381defae.safeframe.googlesyndication.com
cd1oe6ruqkk8ctmtgkjoxcqbjjcum1686254459.nuid.imrworldwide.com
cdn-gl.imrworldwide.com
cdn.ravenjs.com
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.scanscout.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
image2.pubmatic.com
image5.pubmatic.com
login.newscorpaustralia.com
match.adsrvr.org
metrics.plusrewards.com.au
nebula-cdn.kampyle.com
newscorpau.demdex.net
pagead2.googlesyndication.com
pixel.rubiconproject.com
ps.eyeota.net
rm-script.dotmetrics.net
secure-ds.serving-sys.com
secure-sdk.imrworldwide.com
securepubads.g.doubleclick.net
ssl.google-analytics.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
udc-neb.kampyle.com
us-u.openx.net
usermatch.krxd.net
www.facebook.com
www.google.com
www.news.com.au
www.plusrewards.com.au
login.newscorpaustralia.com
103.71.26.125
104.254.151.68
104.69.163.134
104.69.166.9
13.224.249.127
13.224.249.23
139.5.84.243
142.250.157.155
142.251.8.132
142.251.8.155
151.101.129.44
151.101.193.175
151.101.66.217
151.101.66.49
157.240.235.1
157.240.235.35
172.67.68.104
18.141.109.184
199.127.207.188
207.65.33.82
23.207.180.112
23.207.180.192
23.207.180.199
3.1.142.54
34.98.64.218
35.241.45.82
35.71.131.137
44.226.10.111
50.116.239.135
52.3.183.164
52.43.205.135
52.76.199.21
52.84.251.5
54.148.193.151
54.192.150.4
54.192.150.79
54.255.42.190
63.140.36.117
64.233.188.147
64.233.188.154
64.233.188.156
64.233.188.94
69.173.158.64
74.118.186.107
74.125.203.95
74.125.204.132
74.125.204.155
74.125.204.97
74.125.23.157
96.17.72.59
002856eb594d2755e967afbc01ed1d8cfcc4232f4abfe714a5b8a9b55a367258
0061754f19243844ed8ede72b4150a852ddd8accbf33f905662ece0d4f4f168c
0149fda0fe70d117d2fb621a92eadf8d5a2956591627665543d6bce7d291413c
06243512890a6822ed1735c1454f230b6e51557c545493bad557346c668dc01f
07a15df337fccae33da1feca676790dcbdfd3c2f9745dc884fed8dbbcb6420f5
093d8f0471620eeec3858045cc17e5c83a6825fc4dc012d388f3227bbc3f6e68
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0caf64bbe8954fe9c2166955ec4e1842b2f0780fb0cbb76ed7d60ea0dc59dddd
0d0a6262c545e8bbc895116e5afb22579c468d7abb77e378f377d6fed57c1dce
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14fb3b77c88e15c85373e545a0ee32a22a0d8df26aed8142d40a5ccb7f6e2ff5
176df1038f84f14d1d2ec33b51af8cef8034b6ebf27106f9b716f714d560e882
18b976f0baead5dee34ba127ca6bf69673c0bc125a84a8ea72e9d5b61d23ccd7
22092aa34c09c9a503e3f37e2e67de5eac44650aacca0923988e26a575e630c2
231e039a4f87002b174222316ad98fa3c8bbd8b25f3e054635aecfd0e25e51b4
247373fe5b8326425a81bfd1c576a43bfdf4eaebd168dfa658f4cf233d194422
26587f7d7f7c842e7b454e054f67972ce7314cf87bee34e4bf57d9780691be25
364e39d99dfeb63e27a5361e117d335031b5c50ac54e8298f42f6cfde929552a
394cba78aabd4d7a22876a4a19d1a80a1dbbb5981f408f032ce159768e6a03eb
3a5128f3f03a9ae9f18f02f1981e916854f9a95a29f319b9d7ca8407df00ae53
3b6205206b5c515bb685b81ad82ecedf1264a0f1b6b0a99b2d89ce18fe30bc5e
3b8de612e16c13a0fe1e6a99b97ec48b4aaf958424fe48a7aceac43d78dda7fa
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5076bd7c5c84d0b533c19313a1ef4c0e6e4ba41b22f87b4ed7dcd0caea8947c7
50a6c483fae2f0c156bc37fc3532bda2b3fad60d771f7d9048c8c1bf3cfc79fb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
7153de840f0ead8b0b5015d3f47ae25c347476e0a24b851bb5ab0831c58a0226
7295c7595bf32c6896fd62293cafaca7fb591ed365122ef8286fc89a51658a22
767a456e2a3d977102a5a4224d43f77ca39d3e196d21ba98e3849eb5061d1e5c
773a100fcdbc6392876b46c7ea936963a36985600e79a08beac1d2fdb90a116e
778bd4d36ee94265b445599544095292843489f07e19cb6611ec21910ec81a22
78ce242f06e80599aeb8b75ca2a2c36cd93987a780a0cd25425498cd41170d69
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7b45c49e09ac1c7058b7da47902910ca141b468831492e73da274b8845fa314a
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e2a9f7912819a604c2b9fb769829f71e755d22bffe035a1e358f632fa0d9412
7f3c6b58f7c57e2b2b1bb8e49260fe50e7366d3eadebc1414f53fb6c7854d9b2
821e49e1ea0f6c62430210f9d58bbb8b586c4e8d9c25801691117c897716f4b3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85685bd4d68102ad8f8817473591a14dd1d71c9610e19eb78c0edefe16de6c1f
889e540402bf1e1b54c2891ae0f4a380cb3696ce3f98988ebfec96e2f0d85171
88d6a54b11051855551c995388d2e8ace828188a41f201b4c77fc721bc536e36
8e78884c562fb80f581008e50cd16a6b89a71dd4432d24fce64b907726940550
9584e01c9e0b3e5a9eab6e960eeda441896c6f0da4d40062a4925b9f63370738
95d0029cbdcf1a2e8b9f17045aac2cf598a2955f36ea5ac3879274dc6f584ae3
9aa3b1a29a90ea3dcda8b653b0842e0f646bafa500ac8ee7f54f3d56503c1168
a0e098997666c164e119046191dbc1a534878a2011bf58038d45b1d03f6984f1
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6564ae560c5128f5456bf5f7ace31951a5b15ec2ee50fa2c64b80fd39713c6b
a7de4438ab82b711c5099dd9c757e54eb65222316a3c15d18dbc2aa268660ca6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b38203a881ad4c330e92ceeecc2b8efd1b9ede372560658fbd15cc2dfa93ff41
b3f88f66314536598a572bff96b02e95967d41f1fcb1b3bbafa84b00657242e9
b4c273fb3d5f9f1041c7f7c381c954fcc08a71c9f896ecf36e8b7044f046d4a5
b65f47e6e01641e5af255505932917ac6f724afa9a43b8525e110427e77cab39
bbaad9e58cfbd42f41338df6e899d81beaf31b9eb30d2da6b74deeb9bf2cf754
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c951567b079e3831dabf4b934a11b9b2934dca7ef518766759f4b5eb5609e0f0
ca14510c9c719c3d07bb457eb2e914f48e942fc1e6906c03008197559e03b5f9
ca3df8fa60811ac9f40f90052e42a6ccfae2b50bdcf49c44451328c64789cfb4
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d37c7ee32af1f07dbf22ab0a2e4c53707def7054bb4985ea89ca67db673106d8
d90e6e56feffa1cfab9eeff5b73ac8a672770125810733d45c9edffb4450522d
daa2666b6c75b5c0ad185a98fbc15e71bf061dfc49ef1dc3ad89aa8f27494094
dc17f8f103be6eb21a2a665ca699009649851c4b049892cb384beaa519e8922d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de5304209badeb036d13dba7afe925834b70bd9e91cecea63b23cf27fd01103e
e0755149df409d34d002367f70fdf59872d72a8b37d603c40c86cce56c277061
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ecfc48ab5315e179e1948be2aecc95b3afc29ae1413a2024abb9b1706df9ff0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe60b6928a0f370aa2ebbcf726337ddece82b8350fc012476e434b91e665cf4
f427505639cffcd00b128547d3bf95f2bd65c790739b92b9559d49e3884c75da
f90e86e415fef9aea8d31405a00fde59f92c5968762d3f9fa78a2c386a32ff09

www.plusrewards.com.au Open in urlscan Pro 172.67.68.104 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

110 Requests

78 %HTTPS

0 %IPv6

34 Domains

52 Subdomains

43 IPs

3 Countries

4808 kBTransfer

8015 kBSize

66 Cookies

3 Outgoing links

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.plusrewards.com.au Open in urlscan Pro
172.67.68.104 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

78 %
HTTPS

0 %
IPv6

34
Domains

52
Subdomains

43
IPs

3
Countries

4808 kB
Transfer

8015 kB
Size

66
Cookies

110 HTTP transactions
0 data transactions