www.eldersweather.com.au Open in urlscan Pro
13.33.33.98 Public Scan

URL: https://eldersrural.com.au/
Title: Rural Services

URL: https://www.eldersinsurance.com.au/
Title: Insurance

URL: https://www.eldersrealestate.com.au/
Title: Real Estate

URL: http://www.eldershomeloans.com.au/
Title: Home Loans

URL: https://investors.elderslimited.com/investor-centre/
Title: Investor Centre

URL: https://www.elders.com.au/sustainability
Title: Sustainability

URL: https://itunes.apple.com/au/app/elders-weather-app/id1121822860?mt=8

URL: https://play.google.com/store/apps/details?id=au.com.elders.android.weather

URL: https://business.weatherzone.com.au/

URL: https://www.facebook.com/EldersRuralServices/

URL: https://twitter.com/elderslimited?lang=en

URL: https://www.instagram.com/elders_limited/

URL: https://www.youtube.com/user/EldersLimited

URL: https://www.linkedin.com/company/elderslimited/

URL: https://elders.com.au/privacy-policy/
Title: Privacy Policy

URL: https://www.facebook.com/EldersWeather

server-13-33-33-98.sin2.r.cloudfront.net

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://eldersweather.com.au/ HTTP 301
http://www.eldersweather.com.au/ HTTP 301
https://www.eldersweather.com.au/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=rbd_ox-db5_n-inmobi_an-db5_3lift HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=rbd_ox-db5_n-inmobi_an-db5_3lift&dcc=t

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1&gdpr=0&C=1

Request Chain 180

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAABMyR61ywxL-uLZ55nfQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1

Request Chain 181

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE63ZtTowrj6VWGtw9Af0Qk&google_cver=1

Request Chain 182

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxNTAxNTAzNTQ1MjAwNzIzMw%3D%3D

Request Chain 183

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1&gdpr=0&C=1

Request Chain 184

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAABM-0K4EHI6xyQyIMPdQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1

Request Chain 185

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP 302
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE63ZtTowrj6VWGtw9Af0Qk&google_cver=1

Request Chain 186

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxNTAxNTAzNTQ1MjAwNzIzMw%3D%3D

Request Chain 188

https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr=0 HTTP 302
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D HTTP 302
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-0be9AVRT3E-tufVL2OJLfcSIOwwa_-3tHH0Qynp-Mg

Request Chain 190

https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?id=5315015035452007233&ex=appnexus.com&gdpr=0

Request Chain 191

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0 HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2478774910671083970147

Request Chain 198

https://match.adsrvr.org/track/cmf/openx?oxid=944e4e9e-aeb4-35a7-6d70-1dc71c93bbe8&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=944e4e9e-aeb4-35a7-6d70-1dc71c93bbe8&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=15dadd92-0f83-4982-85b1-30139708c890&ttd_puid=944e4e9e-aeb4-35a7-6d70-1dc71c93bbe8&gdpr=0&gdpr_consent=

Request Chain 199

https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZAABM8Co8XYAAIQeAX8AAAAA

Request Chain 200

https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfCjwIRoff3aks8AD1u-7LAlLc8AAAGGoASy5w

Request Chain 202

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJqJvU7FdG_h7MzKyPAiLgo&google_cver=1

Request Chain 222

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LEQGAZ1S-1I-K4D HTTP 302
https://s.amazon-adsystem.com/ecm3?id=LEQGAZ1S-1I-K4D&ex=d-rubiconproject.com&status=ok&gdpr=0

Request Chain 225

https://gcdn.2mdn.net/videoplayback/id/bf634c88b8b1668e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797202657/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/9DFE7661B778F5B37E7CB623939513777D61308E.515E8C6237DBCBF28504A3A847720A6ABC30A63B/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-hxa76n7z.c.2mdn.net/videoplayback/id/bf634c88b8b1668e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797202657/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/32B7B75DCE21CCCD0D038B2B65E87DD0B647BCF0.733F2F3FE178A45CD3DCEAA6DC18C23CB7973817/key/cms1/cms_redirect/yes/mh/_i/mip/103.209.254.40/mm/42/mn/sn-hxa76n7z/ms/onc/mt/1677721482/mv/m/mvi/4/pl/24/file/file.mp4

Request Chain 226

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=15dadd92-0f83-4982-85b1-30139708c890&gdpr=0&gdpr_consent=&expires=30

Request Chain 227

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jpd2TNk6QQy_gE7tpaUpOA&rk=usync-na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jpd2TNk6QQy_gE7tpaUpOA&gdpr=0

Request Chain 229

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/rCTi8T35EjXSL5IyfdZrrw?csrc=&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-efIDKBBE2oKN.LuqNHhMYMpLfpBIB6ZM9bRJ1w--~A

Request Chain 230

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTU2M2RkNjU2MjAzMDg3MjkwMWNiYzllMTc2MjYyZDJmMmU3MTBjMA&gdpr=0

Request Chain 231

https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRR0FaMVMtMUktSzRE&gdpr=0

Request Chain 232

https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEQGAZ1S-1I-K4D&gdpr=0

Request Chain 233

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEE6MdYvjHo56kFD-3nYETCI&google_cver=1

290 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.eldersweather.com.au/
Redirect Chain

http://eldersweather.com.au/
http://www.eldersweather.com.au/
https://www.eldersweather.com.au/

180 KB
181 KB

979ms
635ms

Document
text/html

13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.33.33.98 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12

Resource Hash

5faca12d73ed3734315d27c017103eef5c33cc98396012ce4214c5154e5dfc5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: max-age=300
content-type: text/html; charset=utf-8
date: Thu, 02 Mar 2023 01:51:39 GMT
etag: W/"5faca12d73ed3734315d27c017103eef"
expires: Thu, 02 Mar 2023 01:56:39 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
status: 200 OK
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
x-amz-cf-id: 4m4V4oYcf0d_xRYPrmoQcx9oqyZfB5_Qxs5Nf024RF-zkOZSeulHPQ==
x-amz-cf-pop: SIN2-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-powered-by: Phusion Passenger(R) 6.0.12
x-request-id: 394ba1d9-4521-4dba-a970-365f70278de7
x-runtime: 0.262324
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 167
Content-Type: text/html
Date: Thu, 02 Mar 2023 01:51:38 GMT
Location: https://www.eldersweather.com.au/
Server: CloudFront
Via: 1.1 446026fb3dafe55d3602866eda0c744a.cloudfront.net (CloudFront)
X-Amz-Cf-Id: 2qIGnRva9vesyioWFEZgAibHev1Cv5ne-RWxN3Wob0Dbt0oa3FkTLA==
X-Amz-Cf-Pop: SIN2-P1
X-Cache: Redirect from cloudfront

GET
H/1.1 200
OK application-c65766b1635d2eb6914f83b9ef9a0d8f9a101e11c5cfccf9138cc9a754ee310d.css
weatherengine.s3.amazonaws.com/assets/ 91 KB
92 KB 391ms
111ms Stylesheet
text/css 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/assets/application-c65766b1635d2eb6914f83b9ef9a0d8f9a101e11c5cfccf9138cc9a754ee310d.css
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c65766b1635d2eb6914f83b9ef9a0d8f9a101e11c5cfccf9138cc9a754ee310d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Mon, 22 Feb 2021 00:58:59 GMT
Server: AmazonS3
x-amz-request-id: Q0EHWYJTQC3AP82M
ETag: "e26386b396ccb26cd329c58ea2358471"
Content-Type: text/css
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Content-Length: 93502
x-amz-id-2: 1dkYy0pssfUbmqDixkfJI3OrNB2KqDiw5A11f2ovxBkiZ7/qCpb9ZG4cdQ2LYETpPms0qEqqXO0=
Expires: Tue, 22 Feb 2022 06:58:58 GMT

GET
H/1.1 200
OK elders.css
weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/ 89 KB
89 KB 408ms
126ms Stylesheet
text/plain 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4de9a4fcb98ccc3cc6f1bd1703cd1f55e0b6828cd92206dbde112251efcc82bf

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Tue, 14 Feb 2023 12:09:09 GMT
Server: AmazonS3
x-amz-request-id: Q0EGH4W5S7R3R0E0
ETag: "80291c3c2b631516ff5ad71ca525c62a"
x-amz-server-side-encryption: AES256
Content-Type
Accept-Ranges: bytes
Content-Length: 90761
x-amz-id-2: Y9WoBjm0GyejoKjy5BwEExOXTauK5DFrQ0x/R1l/xJEXMiD8Ao5zCWfpuy1nlnIbnBKC718vFyA=

GET
H/1.1 200
OK application-61f3059c3fa5449fe452810473b09066e8b4e0b24bd0dc2b2b124754d9f17593.js Show response
weatherengine.s3.amazonaws.com/assets/ 468 KB
469 KB 398ms
117ms Script
application/javascript 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/assets/application-61f3059c3fa5449fe452810473b09066e8b4e0b24bd0dc2b2b124754d9f17593.js
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 61f3059c3fa5449fe452810473b09066e8b4e0b24bd0dc2b2b124754d9f17593

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Mon, 22 Feb 2021 00:58:59 GMT
Server: AmazonS3
x-amz-request-id: Q0EPKEM1E3XES37H
ETag: "d382fd4fd56bf7cdd432b263c40c77ef"
Content-Type: application/javascript
Cache-Control: public, max-age=31557600
Accept-Ranges: bytes
Content-Length: 479492
x-amz-id-2: 493DnGh5hJ5UGPZtaETByxoF8O5a+vsFwd7wUCoG8MdxAaORKjqTLCIlZbC1bafZToty0cMvDJU=
Expires: Tue, 22 Feb 2022 06:58:58 GMT

GET
H2 200 bootstrap.min.js Show response
resources.weatherzone.com.au/includes/bootstrap/ 28 KB
28 KB 840ms
229ms Script
application/javascript 13.225.103.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://resources.weatherzone.com.au/includes/bootstrap/bootstrap.min.js?v=3.6-201905131159-17
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.103.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-103-116.hkg60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 29f84620e8e12c98ed6d97025939a2f70d6bc64bf264aa6bad2e060138f82dd9

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 23:57:08 GMT
via: 1.1 7d10f72a0599802fbc9679c1808688d2.cloudfront.net (CloudFront)
last-modified: Fri, 22 Apr 2022 06:20:43 GMT
server: AmazonS3
x-amz-cf-pop: HKG60-C1
age: 93273
etag: "3817364ad5b9315f1b2865dad814dd30"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 28756
x-amz-cf-id: JfVVUqe2XCdL6AUNuS8hFF1ot0UWJZ0DSBygNHKSxopL1Z3SGADGog==

GET
H2 200 fuse.js Show response
cdn.fuseplatform.net/publift/tags/2/2304/ 242 KB
57 KB 1117ms
591ms Script
application/x-javascript 23.52.171.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/publift/tags/2/2304/fuse.js
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.171.106 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-52-171-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e53b3fdc95dc41de7b6032e847823c15baebedce6b4ef6927d507829941d9746

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:41 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 00:28:02 GMT
server: AkamaiNetStorage
etag: "3e0f07a54122ede6821da7bb578e39b6:1677630482.583234"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=1800
accept-ranges: bytes
content-length: 57508
expires: Thu, 02 Mar 2023 02:21:41 GMT

GET
H/1.1 200
OK elders-navbar-logo-sm.svg
weatherengine.s3.amazonaws.com/styles/images/elders/images/ 2 KB
2 KB 119ms
113ms Image
image/svg+xml 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/images/elders/images/elders-navbar-logo-sm.svg
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b8e273fe041d30fcbf642765d54b6d93aec8cbf881c40d55a2d142fdb4c3b6fe

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Mon, 22 Feb 2021 06:11:20 GMT
Server: AmazonS3
x-amz-request-id: Q0EMXYQ7GYQKCSES
ETag: "36955b6ef276f1b07d8d0ad937a92665"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2165
x-amz-id-2: OVS5pR4OhlbwdqjKZmLlKtZ9s7Tqv+JZzmq8IDl7jGECkimi7J5ZLWFj0Lsj9hA+/irmo+i+Fz0=

GET
H2 200 jquery.sticky.js Show response
www.eldersweather.com.au/resources/js/elders/menu/ 10 KB
3 KB 171ms
170ms Script
application/javascript 13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.eldersweather.com.au/resources/js/elders/menu/jquery.sticky.js?v=4.0-2019060311
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-98.sin2.r.cloudfront.net
Software: nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12
Resource Hash: 88abc9ccea0b6ecc29d9d1b68781dc2c03a57f59f7319231e04aa3b1af8fedb1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 08:56:18 GMT
content-encoding: gzip
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
last-modified: Thu, 29 Sep 2022 00:49:48 GMT
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
x-amz-cf-pop: SIN2-P1
age: 2393722
x-powered-by: Phusion Passenger(R) 6.0.12
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200 OK
cache-control: max-age=2592000, public
x-amz-cf-id: Twu7qFsyaTPHF0gBxdT686aEcVPgZjK-K2WVvpChQ3516XdRiwGycg==
expires: Sat, 04 Mar 2023 08:56:18 GMT

GET
H2 200 sticky.dropdown.menu-v4.0.js Show response
www.eldersweather.com.au/resources/js/elders/menu/ 3 KB
1 KB 169ms
169ms Script
application/javascript 13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.eldersweather.com.au/resources/js/elders/menu/sticky.dropdown.menu-v4.0.js?v=4.0-20190604-7
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-98.sin2.r.cloudfront.net
Software: nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12
Resource Hash: 17469483f444721b0458ce95af04715e4fc1350e3f2a89ef5e75bde5a751f2ae

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 19:23:32 GMT
content-encoding: gzip
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
last-modified: Thu, 16 Feb 2023 00:00:31 GMT
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
x-amz-cf-pop: SIN2-P1
age: 714488
x-powered-by: Phusion Passenger(R) 6.0.12
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200 OK
cache-control: max-age=2592000, public
x-amz-cf-id: iMPivhjHfCZCN31EfVR6q6fwru23bkJsM28LGF_R8hbtEX-Ox5QGiw==
expires: Thu, 23 Mar 2023 19:23:32 GMT

GET
H2 200 aus_nsw.png
www.eldersweather.com.au/styles/images/elders/images/maps/country/ 3 KB
3 KB 180ms
173ms Image
image/png 13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eldersweather.com.au/styles/images/elders/images/maps/country/aus_nsw.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-98.sin2.r.cloudfront.net
Software: nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12
Resource Hash: 89cb793e178a8ad4ecab561edb61438d08c4c2e2f1ece7bb59f59ced773bc2ab

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 03:15:21 GMT
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 12:21:41 GMT
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
x-amz-cf-pop: SIN2-P1
age: 1895779
x-powered-by: Phusion Passenger(R) 6.0.12
x-cache: Hit from cloudfront
content-type: image/png
status: 200 OK
cache-control: max-age=2592000, public
content-length: 2974
x-amz-cf-id: meXwQ4gHnCBG5zop81tIjI3dXblCEs8iSHW9mOHdDtzyCVrFT8QQQw==
expires: Fri, 10 Mar 2023 03:15:21 GMT

GET
H2 200 aus_nt.png
www.eldersweather.com.au/styles/images/elders/images/maps/country/ 3 KB
3 KB 181ms
175ms Image
image/png 13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eldersweather.com.au/styles/images/elders/images/maps/country/aus_nt.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-98.sin2.r.cloudfront.net
Software: nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12
Resource Hash: 0a8f4ed17b867e549f3df6b4e87ebab4b0071081bb11ce5b8b582a2ac2460970

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 19 Feb 2023 09:19:36 GMT
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 12:21:41 GMT
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
x-amz-cf-pop: SIN2-P1
age: 923524
x-powered-by: Phusion Passenger(R) 6.0.12
x-cache: Hit from cloudfront
content-type: image/png
status: 200 OK
cache-control: max-age=2592000, public
content-length: 2946
x-amz-cf-id: eVAOezZvaiyqsPjNLYm-2uW1EwUFeQMNF6KKclEwWs4C4zVEWIVGEw==
expires: Tue, 21 Mar 2023 09:19:36 GMT

GET
H2 200 aus_qld.png
www.eldersweather.com.au/styles/images/elders/images/maps/country/ 3 KB
3 KB 184ms
178ms Image
image/png 13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eldersweather.com.au/styles/images/elders/images/maps/country/aus_qld.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-98.sin2.r.cloudfront.net
Software: nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12
Resource Hash: 51d7fb3cf2b601cdd38d60e3ace6e9ec1b41029add415e7bc34b9fed7849996e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 13 Feb 2023 20:37:08 GMT
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 12:21:41 GMT
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
x-amz-cf-pop: SIN2-P1
age: 1401272
x-powered-by: Phusion Passenger(R) 6.0.12
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
status: 200 OK
cache-control: max-age=2592000, public
content-length: 3106
x-amz-cf-id: yaIPwX2HiNAia8dF_gFkL6kqoa2c2V3lwGzEUp-1roapyT8CmMcT6A==
expires: Wed, 15 Mar 2023 20:37:08 GMT

GET
H2 200 aus_sa.png
www.eldersweather.com.au/styles/images/elders/images/maps/country/ 3 KB
3 KB 186ms
180ms Image
image/png 13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eldersweather.com.au/styles/images/elders/images/maps/country/aus_sa.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-98.sin2.r.cloudfront.net
Software: nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12
Resource Hash: 6388b3a9fc56efea795f54d2247336ea84d91075777e321133f1f4468fdbe847

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 00:47:17 GMT
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 12:21:41 GMT
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
x-amz-cf-pop: SIN2-P1
age: 349463
x-powered-by: Phusion Passenger(R) 6.0.12
x-cache: Hit from cloudfront
content-type: image/png
status: 200 OK
cache-control: max-age=2592000, public
content-length: 2979
x-amz-cf-id: BKyzMKJmzEUmUoAqTJjCdmgQyb5eSyb-owXo2KKaVFH4IeeFGy1KWg==
expires: Tue, 28 Mar 2023 00:47:17 GMT

GET
H2 200 aus_tas.png
www.eldersweather.com.au/styles/images/elders/images/maps/country/ 3 KB
3 KB 187ms
181ms Image
image/png 13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eldersweather.com.au/styles/images/elders/images/maps/country/aus_tas.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-98.sin2.r.cloudfront.net
Software: nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12
Resource Hash: 8f3853f78c6aaeb0d2a8426ed290c43951f79575562ca621a11c7909ad6a7a6e

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 22:28:02 GMT
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 12:21:41 GMT
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
x-amz-cf-pop: SIN2-P1
age: 617018
x-powered-by: Phusion Passenger(R) 6.0.12
x-cache: Hit from cloudfront
content-type: image/png
status: 200 OK
cache-control: max-age=2592000, public
content-length: 2855
x-amz-cf-id: rB3elYVzQUhHYBcG5CqBL-ZqhkA6mAv6bSjBXXWL349DDZ3AK-CN4w==
expires: Fri, 24 Mar 2023 22:28:02 GMT

GET
H2 200 aus_vic.png
www.eldersweather.com.au/styles/images/elders/images/maps/country/ 3 KB
3 KB 190ms
184ms Image
image/png 13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eldersweather.com.au/styles/images/elders/images/maps/country/aus_vic.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-98.sin2.r.cloudfront.net
Software: nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12
Resource Hash: d7f497e476ff3a24fb574b25c81e0c4ead7cdd658c19329053cc04a8432db0f8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 20:32:55 GMT
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 12:21:41 GMT
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
x-amz-cf-pop: SIN2-P1
age: 191925
x-powered-by: Phusion Passenger(R) 6.0.12
x-cache: Hit from cloudfront
content-type: image/png
status: 200 OK
cache-control: max-age=2592000, public
content-length: 2929
x-amz-cf-id: cwGW-E6fZ_dY1JGhPJKQOa9_ceAOC1oK88iJL_puxO5HX-6qC8ZUyA==
expires: Wed, 29 Mar 2023 20:32:55 GMT

GET
H2 200 aus_wa.png
www.eldersweather.com.au/styles/images/elders/images/maps/country/ 3 KB
4 KB 294ms
289ms Image
image/png 13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eldersweather.com.au/styles/images/elders/images/maps/country/aus_wa.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-98.sin2.r.cloudfront.net
Software: nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12
Resource Hash: bebcc59fcebd67a114cccdb8a29572655f8debde3a337204b424e25e9de895c7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 11 Feb 2023 23:38:52 GMT
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 12:21:41 GMT
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
x-amz-cf-pop: SIN2-P1
age: 1563169
x-powered-by: Phusion Passenger(R) 6.0.12
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
status: 200 OK
cache-control: max-age=2592000, public
content-length: 3170
x-amz-cf-id: mOI0HwiO4MeaFMwhWR6CPfsiSILcipQ0fXHW7BP3YUg3pe0DFQ1NWQ==
expires: Mon, 13 Mar 2023 23:38:52 GMT

GET
H2 200 aus.png
www.eldersweather.com.au/styles/images/elders/images/maps/country/ 11 KB
12 KB 298ms
293ms Image
image/png 13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eldersweather.com.au/styles/images/elders/images/maps/country/aus.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-98.sin2.r.cloudfront.net
Software: nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12
Resource Hash: 7202e9ae9b5cce5569af9f97ee30f87c1cd0deba9d67b0565ea6db0bd5e24077

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 31 Jan 2023 20:50:41 GMT
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 12:21:41 GMT
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
x-amz-cf-pop: SIN2-P1
age: 2523660
x-powered-by: Phusion Passenger(R) 6.0.12
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
status: 200 OK
cache-control: max-age=2592000, public
content-length: 11601
x-amz-cf-id: LRtS2AKOUB_m1O0GPsqvDOMb_04LtoWJodEdUii_QlKdBjAp4WXNFQ==
expires: Thu, 02 Mar 2023 20:50:41 GMT

GET
H/1.1 200
OK mostly_sunny.png
weatherengine.s3.amazonaws.com/styles/icons/elders/small/ 2 KB
2 KB 139ms
109ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/icons/elders/small/mostly_sunny.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 36e662803046b6ae8e40921c59113e0d68edd9c3fe5d1895ea8c047d0e4215bf

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:10:32 GMT
Server: AmazonS3
x-amz-request-id: 399EF2H9Q1ZZPFAJ
ETag: "b6ad2a1e469ae93601357acaa74534e3"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1678
x-amz-id-2: UqJxPwqiE9BTQFs3iXh8AKqB+eNv/7kvQ2z7arOU0CuFTlxobwzytZg+IsJVy1IIHExbj2a117Q=

GET
H/1.1 200
OK possible_shower.png
weatherengine.s3.amazonaws.com/styles/icons/elders/small/ 2 KB
3 KB 339ms
112ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/icons/elders/small/possible_shower.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 67eb7822a86bd1529ca3a2c449b7846f40f8eafb260ca3e6cc080e9d300418c5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:10:32 GMT
Server: AmazonS3
x-amz-request-id: 3993D140MEK1545Z
ETag: "662592d6809d34b387b80a00dbb3ffa0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2283
x-amz-id-2: 59/PdWCwnLkXoIdKmn7m5X6yD33Ocx2OV0MphekE+rk/HXYxpZaAcxhou3BR7KXr61Ics66lyJE=

GET
H/1.1 200
OK sunny.png
weatherengine.s3.amazonaws.com/styles/icons/elders/small/ 830 B
1 KB 118ms
117ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/icons/elders/small/sunny.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 62e7ada02fb41ca508944ff677225f01617d713c48b66f7bdf2dbaecd34c3f32

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:10:32 GMT
Server: AmazonS3
x-amz-request-id: 399E74H1BXVZQQVK
ETag: "32f37d28082240208421b8bd4627288a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 830
x-amz-id-2: cMojI1Rf80F0pboB3Bf+0CrzOQW0h56uBVBizMaYRNHERi5llPhELF51+lXf4NcuF90ycbuzNFw=

GET
H/1.1 200
OK increasing_sunshine.png
weatherengine.s3.amazonaws.com/styles/icons/elders/small/ 2 KB
2 KB 259ms
110ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/icons/elders/small/increasing_sunshine.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8a2c6e33386786b2175ce1d47e86e1875f33f3d537f547233df18fd8bc7f159c

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:10:32 GMT
Server: AmazonS3
x-amz-request-id: 39973TD1SHWJ7CPZ
ETag: "067b15d26c8784d518e5c798676391e6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2160
x-amz-id-2: BJv9GVRzU1Eo6lJSFuJ+zfcQQUSmow7UVAJfQYrjjHCt8A4Kv3nkEu0QzhjWg27O7pi8ko7xwr8=

GET
H/1.1 200
OK showers.png
weatherengine.s3.amazonaws.com/styles/icons/elders/small/ 2 KB
2 KB 148ms
112ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/icons/elders/small/showers.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3b30a63aa5cc0b42f5c33dda5eaefc46822872fe08976c0e992260cfdbfd4be0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:10:32 GMT
Server: AmazonS3
x-amz-request-id: 399AD48Q6NVTH0YK
ETag: "855712ce977a9b98e037ec8fdb61ebc7"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2119
x-amz-id-2: VakUgRuNYvy7fob8Yk0dOQLmUPG+WRVWT4WqsDrh7Sk30UWY+Z6ul4yvW4mutaP+LdDryENSzJE=

GET
H/1.1 200
OK cloudy.png
weatherengine.s3.amazonaws.com/styles/icons/elders/small/ 2 KB
2 KB 248ms
109ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/icons/elders/small/cloudy.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: afa5280439d9ebe548e5c3f1e31c091d4620a637197227f9932a5a218bf542ee

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:10:32 GMT
Server: AmazonS3
x-amz-request-id: 399BXA3P63CNSR5G
ETag: "6b4c58db0c0dabc902391b81d10949fe"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1724
x-amz-id-2: oTQd1nodggVQG20nHxhJ+YOaaZyNNo8YCL4ThVPyGxvonsoF9nuI9SnxjJjrFz888g3qiJ2bHs8=

GET
H/1.1 200
OK mostly_cloudy.png
weatherengine.s3.amazonaws.com/styles/icons/elders/small/ 2 KB
2 KB 296ms
113ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/icons/elders/small/mostly_cloudy.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8646862685d95c07f0b0813174dcc7d61c43511eaf0b222361335667c85a4964

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:10:32 GMT
Server: AmazonS3
x-amz-request-id: 39985E08SXEC4YV7
ETag: "63d23ff761730187b8b497c749c293a6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2086
x-amz-id-2: vV7tlk1J5SPoYQBqhVRdvF5o79x8EqqwEgryv+M7Sm2PCyCvcFeUItU/xiwKPk4Zx0uQvvdM00E=

GET
H/1.1 200
OK late_shower.png
weatherengine.s3.amazonaws.com/styles/icons/elders/small/ 3 KB
3 KB 111ms
110ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/icons/elders/small/late_shower.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 80d97aff53954ad0453f39c767a09237a9c54685f88f7ae61b2669c35d59b295

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:10:32 GMT
Server: AmazonS3
x-amz-request-id: 3995VEG4TBX5CE2G
ETag: "d96dbea67fca6e9fb6c7e1ff3524fc6c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2640
x-amz-id-2: 1hGUjNS+Mpoi0ZkNRSN+10k+23I89n7cVFqwiWwKMLoXkdkbgK+yBlPn3FjjQOVTdPH330FJz08=

GET
H2 200 appstore-badge.svg
www.eldersweather.com.au/styles/images/elders/images/template/footer/images/ 12 KB
5 KB 297ms
293ms Image
image/svg+xml 13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eldersweather.com.au/styles/images/elders/images/template/footer/images/appstore-badge.svg
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-98.sin2.r.cloudfront.net
Software: nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12
Resource Hash: 25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 23:24:57 GMT
content-encoding: gzip
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 12:21:41 GMT
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
x-amz-cf-pop: SIN2-P1
age: 959204
x-powered-by: Phusion Passenger(R) 6.0.12
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
status: 200 OK
cache-control: max-age=2592000, public
x-amz-cf-id: BLAN-onyv3KHALaanavymTSmsvhfgcTrd8RJb1iN_UApkDheNnXXsw==
expires: Mon, 20 Mar 2023 23:24:57 GMT

GET
H2 200 google-play-badge.png
www.eldersweather.com.au/styles/images/elders/images/template/footer/images/ 6 KB
6 KB 300ms
296ms Image
image/png 13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.eldersweather.com.au/styles/images/elders/images/template/footer/images/google-play-badge.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-98.sin2.r.cloudfront.net
Software: nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12
Resource Hash: 07a6fab673e8ac9311c7689cf8789bb8058f567aad16e4136e21d76558d3957f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Feb 2023 18:40:13 GMT
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
last-modified: Tue, 15 Sep 2020 12:21:41 GMT
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
x-amz-cf-pop: SIN2-P1
age: 2358688
x-powered-by: Phusion Passenger(R) 6.0.12
x-cache: Hit from cloudfront
content-type: image/png
status: 200 OK
cache-control: max-age=2592000, public
content-length: 5932
x-amz-cf-id: 5p62anoy7ZgkiINzyj26NJ7zCFhbuuGMl6wKXU7T7ZjOqGqV1vC0jA==
expires: Sat, 04 Mar 2023 18:40:13 GMT

GET
H/1.1 200
OK banner_size01_arrow_colour.png
weatherengine.s3.amazonaws.com/styles/images/elders/images/template/images/ 4 KB
4 KB 215ms
121ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/images/elders/images/template/images/banner_size01_arrow_colour.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: f5e0a9f39bb4a1f4b831c2c59aa4081fea67ed9451948907ed984e7e58b33841

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:11:26 GMT
Server: AmazonS3
x-amz-request-id: 399DS16N3TYE1RN2
ETag: "f0db2b659095ba2290358cd8e20fea1a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3747
x-amz-id-2: ar5bMkk/uQV6GM+1iibr2ym6NqlXYlg2QXzmJ9jgr7QDQi+c6dHJOh1iUUzqHCrgd4c1/1btWUg=

GET
H/1.1 200
OK powered_by@2x.png
weatherengine.s3.amazonaws.com/styles/images/elders/images/template/images/icons/common/ 3 KB
3 KB 113ms
113ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/images/elders/images/template/images/icons/common/powered_by@2x.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b905e2b6360a94197f5bec438a3381f9b66924669a7c7d3af4ce11090162eb80

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:11:26 GMT
Server: AmazonS3
x-amz-request-id: 39974CHJ3NA0D19T
ETag: "564e22817f005846d5489bc0516abd96"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 2675
x-amz-id-2: XYaY1nMnDXY+TNQ0+I/P7wP3C2bM/QIv/oLkWqqhmeqVpI+UNm1G1WvreFQxLr+5qOhuRYDBIu4=

GET
H/1.1 200
OK logo.png
weatherengine.s3.amazonaws.com/styles/images/elders/images/template/footer/images/ 6 KB
6 KB 112ms
111ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/images/elders/images/template/footer/images/logo.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: dc8fad32ab2092e9ce8e4d80c8325d13c0fa05fbe727ce4940a898fadbf17a5a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:11:26 GMT
Server: AmazonS3
x-amz-request-id: 3993ZXH6S828RR30
ETag: "b514bac8964952f5ca1fc2ffb4092121"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5921
x-amz-id-2: 6es3dQUn6SgZo+0qdoPaVm1GLR7G/UWcZPplVW0Tm1Py2kaM07zsf9xu2LiX+jBo4iZuwwvLrNw=

GET
H/1.1 200
OK appstore-badge.svg
weatherengine.s3.amazonaws.com/styles/images/elders/images/template/footer/images/ 12 KB
12 KB 115ms
115ms Image
image/svg+xml 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/images/elders/images/template/footer/images/appstore-badge.svg
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 25178aeef6eb6b83b96f5f2d004eda3bffbb37122de64afbaef7107b384a4132

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:11:26 GMT
Server: AmazonS3
x-amz-request-id: 39998B581YDMB08B
ETag: "d0558d91063038236b60e3ef71fdc1fd"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 12353
x-amz-id-2: AWfEZAssjb0S270XVlXVKCjUodfxZLW2Q7DW4ZiQdCVRJvJ+2boL0DbNKQ+OVq8c/w+rkMS4/bA=

GET
H/1.1 200
OK google-play-badge.png
weatherengine.s3.amazonaws.com/styles/images/elders/images/template/footer/images/ 6 KB
6 KB 124ms
124ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/images/elders/images/template/footer/images/google-play-badge.png
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 07a6fab673e8ac9311c7689cf8789bb8058f567aad16e4136e21d76558d3957f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:11:26 GMT
Server: AmazonS3
x-amz-request-id: 39959N40MA4XV4NB
ETag: "13d600d8b741f303b0c8e82a63096664"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5932
x-amz-id-2: EqJXVNsaEY6SkacfybPUc1L7b6faxvZ5KUDTAUoZeENeGhMTSKL/3OLYnwZYNcfywgZPPMLVtyw=

GET
H2 200 tether.min.js Show response
cdnjs.cloudflare.com/ajax/libs/tether/1.2.0/js/ 23 KB
7 KB 277ms
96ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/tether/1.2.0/js/tether.min.js

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b483c27381671c52377f3ae33218233ce6b57b41f52aed2d8aa6d51f68e689f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eldersweather.com.au/
Origin: https://www.eldersweather.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 515812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6165
last-modified: Mon, 04 May 2020 16:17:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffc-5b0c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=arSMmatTmhDL1UxuhNueUwtS67H0zi4O3ik3ZUhc1IQ89cvwAyftCZN5%2Fzyyg%2FrpByNt9nm0BjgRdbCBje8Y4WoBGfOub%2BkpSOCznqz11Cgu2xt2j01KAZ8s%2BXthIcJNNciYaE66"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a15fef9de255aac-MEL
expires: Tue, 20 Feb 2024 01:51:41 GMT

GET
H2 200 smartbanner.js Show response
www.eldersweather.com.au/javascripts/ 16 KB
4 KB 179ms
171ms Script
application/javascript 13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.eldersweather.com.au/javascripts/smartbanner.js?v=wxe-eld-1.0.2
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-98.sin2.r.cloudfront.net
Software: nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12
Resource Hash: b63ceccc5eb3708d0906931b50f9097140e499ed0afba539e62516a0e9816ca8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 04:11:06 GMT
content-encoding: gzip
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
last-modified: Thu, 16 Feb 2023 00:00:43 GMT
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
x-amz-cf-pop: SIN2-P1
age: 164434
x-powered-by: Phusion Passenger(R) 6.0.12
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200 OK
cache-control: max-age=2592000, public
x-amz-cf-id: evl0r6HZR5HAj3YW24Z-Yt8CkdnbC6sVmt-yfPkfTW2ilv9oMxXJrw==
expires: Thu, 30 Mar 2023 04:11:06 GMT

GET
H2 200 jquery.cookie.js Show response
www.eldersweather.com.au/javascripts/ 4 KB
2 KB 190ms
183ms Script
application/javascript 13.33.33.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.eldersweather.com.au/javascripts/jquery.cookie.js
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-98.sin2.r.cloudfront.net
Software: nginx/1.20.1 + Phusion Passenger(R) 6.0.12 / Phusion Passenger(R) 6.0.12
Resource Hash: 4f6a9c99d36c51fabdd3e290c6a7fafb8252e6f34627d37d133ee9381a7880e5

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 04:41:28 GMT
content-encoding: gzip
via: 1.1 2ec3a59b33dd3ac1e987a568fb8bba88.cloudfront.net (CloudFront)
last-modified: Thu, 16 Feb 2023 04:29:55 GMT
server: nginx/1.20.1 + Phusion Passenger(R) 6.0.12
x-amz-cf-pop: SIN2-P1
age: 1113012
x-powered-by: Phusion Passenger(R) 6.0.12
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200 OK
cache-control: max-age=2592000, public
x-amz-cf-id: jDUewcEoETsOYu76R2Jt9iL8Mc2MdsMATBONjGyIq13BL65se9YCLQ==
expires: Sun, 19 Mar 2023 04:41:28 GMT

GET
H/1.1 200
OK secondary_menu.js Show response
weatherengine.s3.amazonaws.com/system/cache/javascripts/www.eldersweather.com.au/ 117 B
464 B 120ms
113ms Script
text/plain 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/system/cache/javascripts/www.eldersweather.com.au/secondary_menu.js
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: fdb505d7056b5ced58bbf37b8e87fa421f18ac7f1c57442dca87c706984d13a3

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Mon, 21 Feb 2022 04:32:49 GMT
Server: AmazonS3
x-amz-request-id: Q0ETQHC1N6PQDJ63
ETag: "c965b216a09098014d35fda664a6a6ee"
Content-Type
Accept-Ranges: bytes
Content-Length: 117
x-amz-id-2: QTS2xtiNRRu8VdY9QVB5ol/MasVooN8WHcd2jYeClrJOpt1RsXLfxip+P+GNBFgHv4+4JHu1q0Y=

GET
H/1.1 200
OK map.js Show response
weatherengine.s3.amazonaws.com/system/cache/javascripts/www.eldersweather.com.au/ 6 KB
6 KB 115ms
108ms Script
text/plain 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/system/cache/javascripts/www.eldersweather.com.au/map.js
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d2d36e4620370267ede2bb4117ff2d79ca8d003b187bb0f4b2b7d3f1b942f5bb

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Wed, 04 May 2022 10:32:53 GMT
Server: AmazonS3
x-amz-request-id: Q0EHP8JTNCAR1WBA
ETag: "ad2d82896983a43978b83563536b96f3"
Content-Type
Accept-Ranges: bytes
Content-Length: 6207
x-amz-id-2: LLTZkbTA8UIvVYgtNenqstTU2HeHsIruvmI5PyZFoTdcnBIaNnQ3R5gdHk15Uvbn1isWNVKPUf0=

GET
H/1.1 200
OK national_forecast.js Show response
weatherengine.s3.amazonaws.com/system/cache/javascripts/www.eldersweather.com.au/ 645 B
1 KB 159ms
152ms Script
text/plain 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/system/cache/javascripts/www.eldersweather.com.au/national_forecast.js
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 92287bde22942a7316c42b81865947fe2fec9231dd1b5e26d02c45c9a9a27f1d

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Thu, 20 Oct 2022 00:00:39 GMT
Server: AmazonS3
x-amz-request-id: Q0EM055EA66KRZPA
ETag: "ddbafcd66b2b6148da990fd7e8712b2b"
x-amz-server-side-encryption: AES256
Content-Type
Accept-Ranges: bytes
Content-Length: 645
x-amz-id-2: BNAF9iDPeSDkKsi4EJzTipklWKPCF6rrlWPgd+PLyCBbIVW45eHZv70JUrObOT/H3mCxb5dsDVY=

GET
H/1.1 200
OK map_mobile_elders.js Show response
weatherengine.s3.amazonaws.com/system/cache/javascripts/www.eldersweather.com.au/ 570 B
917 B 124ms
117ms Script
text/plain 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/system/cache/javascripts/www.eldersweather.com.au/map_mobile_elders.js
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4e0717817e714b9068897ff375c1098c35954f63063862b2f122291a23e8723f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Fri, 22 Apr 2022 08:33:15 GMT
Server: AmazonS3
x-amz-request-id: Q0ES6VF4KQ382YQ1
ETag: "2c2c29925dbff101ef9103059585bf45"
Content-Type
Accept-Ranges: bytes
Content-Length: 570
x-amz-id-2: 83UBCDwOqOfyuVi3sPp8SnbJSHpOqnADPFbPaSTEFiy1cnps9WrjSPKkuAfXkvTbrAfmjIooWkY=

GET
H/1.1 200
OK custom_content.js Show response
weatherengine.s3.amazonaws.com/system/cache/javascripts/www.eldersweather.com.au/ 355 B
702 B 116ms
110ms Script
text/plain 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/system/cache/javascripts/www.eldersweather.com.au/custom_content.js
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 14571a2078140b8081c05a177ba6da5fecdb836eb915e422c53e6c311cae2bfa

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Mon, 18 Oct 2021 06:50:12 GMT
Server: AmazonS3
x-amz-request-id: Q0EW9DYKW989WXFG
ETag: "1fdda7ed0a244d24585bda4c7255a631"
Content-Type
Accept-Ranges: bytes
Content-Length: 355
x-amz-id-2: 4msoNt2BwZaW1Dwkuvs1BchpH/VolR5vxLUC08+g89la7d5f9//Kzo51ck0yR/p/uwIS8OL1q/Y=

GET
H/1.1 200
OK fonts.css
weatherengine.s3.amazonaws.com/resources/css/elders/template/css/ 2 KB
2 KB 133ms
133ms Stylesheet
text/css 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/fonts.css
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 8f02274b704089f14515f00e59d9c93164a061ce2cd1f25dfa48a6cdc142805a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Tue, 23 Feb 2021 03:13:41 GMT
Server: AmazonS3
x-amz-request-id: Q0EWD40BMSF67NA4
ETag: "814eb8b4ffffe90dd294d160e107f9de"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1842
x-amz-id-2: OfVUSLp0agf27FopsgMbKOK/MDdNhVX2lI9AiwYA0qPhNLYopvfYVo71xydddUJM662offlrjiQ=

GET
H/1.1 200
OK header.css
weatherengine.s3.amazonaws.com/resources/css/elders/template/css/ 2 KB
3 KB 108ms
106ms Stylesheet
text/css 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/header.css
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 84f8fa87b515d2098bd984770e62165f28a707dc7044359a11113d1abe9079be

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Tue, 23 Feb 2021 03:13:41 GMT
Server: AmazonS3
x-amz-request-id: Q0EV3VFQZSFKSTBG
ETag: "f9de08ccdd40502acc6e56a2fea7c301"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 2555
x-amz-id-2: 2ZYOGrJ9gjh0vR+6OOGAnsku6GLE5OLaHqZ/EBejdqsd19EV+ulkPJ7JMorZTDNfePBTE578Cy0=

GET
H/1.1 200
OK styles.css
weatherengine.s3.amazonaws.com/resources/css/elders/template/css/ 48 KB
48 KB 214ms
106ms Stylesheet
text/css 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/styles.css?r=4.1.0&d=2019071703
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3c1bf588c30b0e761a4159f24cc737b590c6f3f35268f6022750fa5b27969b19

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Tue, 23 Feb 2021 03:13:41 GMT
Server: AmazonS3
x-amz-request-id: Q0ESP32PHZ3ZQ0N1
ETag: "3fca90184d6f88fe4700adde480efead"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 49145
x-amz-id-2: 6lLNIXIb/ssDyQ/B3wX0bPxWWJtXnY+GcYglAJ0+sBRGFLjTHkqCXN38gXv2KPksLVO8O5e4SXc=

GET
H/1.1 200
OK font-awesome.min.css
weatherengine.s3.amazonaws.com/resources/css/elders/template/footer/css/ 28 KB
29 KB 250ms
116ms Stylesheet
text/css 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/footer/css/font-awesome.min.css
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Tue, 23 Feb 2021 03:13:41 GMT
Server: AmazonS3
x-amz-request-id: Q0EMZZ4AG9RD7M09
ETag: "4083f5d376eb849a458cc790b53ba080"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 29063
x-amz-id-2: XSSIciAhTa6NcJQ77bRCreKmr1iBvbDiI4ho8AN2T/9usnSt92sP/wAGNlqoP8knQr+DBW6/bCg=

GET
H/1.1 200
OK bootstrap.css
weatherengine.s3.amazonaws.com/resources/css/elders/template/footer/css/ 1 KB
2 KB 304ms
116ms Stylesheet
text/css 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/footer/css/bootstrap.css
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 755484e373c1731ad4f5667b1c62b67c24e4002bee7ac0742bd1734f1292f320

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Tue, 23 Feb 2021 03:13:41 GMT
Server: AmazonS3
x-amz-request-id: Q0EZSPSE2ATBC2N6
ETag: "576adf4ddb51dda60733373b12a40f96"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1321
x-amz-id-2: i9jwXpGDN00aBB/6480yq8LDigOOjy3TMPRcphlBeiUW/wlekplu6PgLdaek2IJaBlzFeWl/Wnw=

GET
H/1.1 200
OK style.css
weatherengine.s3.amazonaws.com/resources/css/elders/template/footer/css/ 2 KB
2 KB 314ms
120ms Stylesheet
text/css 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/footer/css/style.css
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bda967959ee9bbc17ecb330b6d82aad233a52c793ed5f821a05332d0275dbf7a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Tue, 23 Feb 2021 03:13:41 GMT
Server: AmazonS3
x-amz-request-id: Q0EVTDTRRSH1C6PC
ETag: "4edbc3aeaf7ad16dbdd5a400da302037"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1975
x-amz-id-2: uovpqnvodHYVw4srYFIRYjFmVryAjrMTorwvhRHhoff/O7b9F6fdAO6gBruE1/P6/mSAV6YdRmg=

GET
H/1.1 200
OK sticky.dropdown.menu-v4.0.css
weatherengine.s3.amazonaws.com/resources/js/elders/menu/ 7 KB
7 KB 333ms
135ms Stylesheet
text/css 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/resources/js/elders/menu/sticky.dropdown.menu-v4.0.css
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 54f9eb4bcb07738e91ce0b989765692f263bb6033c5712f068ea328484d01698

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:41 GMT
Last-Modified: Tue, 23 Feb 2021 03:13:47 GMT
Server: AmazonS3
x-amz-request-id: Q0EYQ317QRTZAQV5
ETag: "377c032f7f8d5ad2f34791ed89571d6b"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 6712
x-amz-id-2: ggukpaD64T47m/l1dLyEFWrTWbwY2HM21CgG89mZLZZrQpj4Rrz0gKu9ip4CGS6eHu9CICuu7eg=

GET
H/1.1 200
OK elders_mobile.css
weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/ 105 KB
106 KB 114ms
114ms Stylesheet
text/plain 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders_mobile.css
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: bce46da6ed51427bcb2b48ace21fb954444539332dd165f0bfb695e56700ea57

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Sun, 19 Feb 2023 22:34:24 GMT
Server: AmazonS3
x-amz-request-id: 3997HSECZ7XH0MEG
ETag: "d40eb91cf9cf5c2aba2e2c8c5816b61b"
x-amz-server-side-encryption: AES256
Content-Type
Accept-Ranges: bytes
Content-Length: 107793
x-amz-id-2: WJ/rVScuKi6SMJJJsa3tzR8O0uAqSSEha2NzF8fV/ZYosSUI/iQmPAcjoeHhtdVCGaOFa/e3ydI=

GET
H2 200 wos8qzo.js Show response
use.typekit.net/ 17 KB
7 KB 795ms
169ms Script
text/javascript 23.49.60.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/wos8qzo.js

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.49.60.200 , Singapore, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-49-60-200.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

266cf1f457422ac8efa2a866a235c53cc76e3a3241cf2b9c19132abdb9c4c520

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Thu, 02 Mar 2023 01:51:41 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6712

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 173 KB
63 KB 517ms
172ms Script
application/javascript 142.251.12.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W3X5QVK

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

2d3162a142653f5d90e91297d7ac7397ed9b7ab4a975d6c02135c7c6c5390767

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63858
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 01:04:23 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 02 Mar 2023 01:51:41 GMT

GET
H/1.1 200
OK BG.jpg
weatherengine.s3.amazonaws.com/styles/images/elders/images/ 56 KB
56 KB 220ms
117ms Image
image/jpeg 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/images/elders/images/BG.jpg
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a030d9e33d5b72a20b35808495bd3dfc321ccb3492da77e0f20f211a77eb4ffe

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:11:20 GMT
Server: AmazonS3
x-amz-request-id: 399AP0QQYXMEBJDC
ETag: "312865547e0c91bf4c04b11be75b1ef7"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 56964
x-amz-id-2: bcKiS45gFUufWji5lEnbBobqQOgY8ryS2ODP5Pqfr+z6+NnVaLiLN4ESgtjEPknQx0sXeH2txiY=

GET
H/1.1 200
OK elders-logo.png
weatherengine.s3.amazonaws.com/styles/images/elders/images/ 2 KB
2 KB 214ms
110ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/images/elders/images/elders-logo.png
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/styles.css?r=4.1.0&d=2019071703
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a8d052b5f5702d02cc5fb77fd743ab45ce1ef62a95fe25633f5a9d8e5bf6b4c8

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/styles.css?r=4.1.0&d=2019071703
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:11:20 GMT
Server: AmazonS3
x-amz-request-id: 399A9FNGN7F0K107
ETag: "80d507e4549f583e3c69eab99503b7a8"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1720
x-amz-id-2: Bm+3IHpSR4Yj0DMmnK26KYS9ho8I1EkS/n/om35/245HNvy1bKGPWWR6RyVGN4wBoqi/9WiiYPY=

GET
H/1.1 200
OK nav-arrow-down-white.png
weatherengine.s3.amazonaws.com/resources/js/elders/menu/ 15 KB
15 KB 220ms
113ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/resources/js/elders/menu/nav-arrow-down-white.png
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/resources/js/elders/menu/sticky.dropdown.menu-v4.0.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a160e613e40e2b9243725cead13f8daae35c19dee0a710cdfc4993e39fb7168b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/resources/js/elders/menu/sticky.dropdown.menu-v4.0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Tue, 23 Feb 2021 03:13:47 GMT
Server: AmazonS3
x-amz-request-id: 39984CS2ZGXAZNDE
ETag: "da360997b64c64149a3aebc778615483"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 15181
x-amz-id-2: bSWJxSSJfoV1hmov+Alf0i+y1nH8lMI9AebkDn/nNSEuRkEtd7r8lClMC//e/W8JF95JJkt0o/I=

GET
H/1.1 200
OK Lato-Regular.woff2
weatherengine.s3.amazonaws.com/resources/css/elders/template/css/fonts/ 178 KB
179 KB 312ms
116ms Font
binary/octet-stream 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/fonts/Lato-Regular.woff2
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 983b0caf336e8542214fc17019a4fc5e0360864b92806ca14d55c1fc1c2c5a0f

Request headers

Referer: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/fonts.css
Origin: https://www.eldersweather.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Tue, 23 Feb 2021 03:13:41 GMT
Server: AmazonS3
x-amz-request-id: 3999D4TDKSVVP1R5
ETag: "bd03a2cc277bbbc338d464e679fe9942"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 182708
x-amz-id-2: xPna1kjqMfwH80yYyzGEHP9Nzm0TrEz7dmoI28onefVrHt8ZJ05zPH6NyXf7fYllu2y1yR/sS6g=

GET
H/1.1 200
OK metaplus-bold.ttf
weatherengine.s3.amazonaws.com/resources/css/elders/template/css/fonts/ 39 KB
40 KB 331ms
135ms Font
binary/octet-stream 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/fonts/metaplus-bold.ttf
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: dd9d01b6218ef96122ec7529ad57142d7e5dedcc3bcfd34b91a9d4057f6ee58e

Request headers

Referer: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/fonts.css
Origin: https://www.eldersweather.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Tue, 23 Feb 2021 03:13:41 GMT
Server: AmazonS3
x-amz-request-id: 3993D332WAPHE873
ETag: "7186c350f48033a3d105baaee857fba7"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 40204
x-amz-id-2: lkBS8pO64ijoNEGrCYRzj6GCAvf7qiz4q9PQ+h3TpQuNVhL687GhWISYes6GLM7LS0VjUMPX7GI=

GET
H/1.1 200
OK fontawesome-webfont.woff2
weatherengine.s3.amazonaws.com/resources/css/elders/template/footer/fonts/ 70 KB
71 KB 312ms
117ms Font
binary/octet-stream 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/footer/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/footer/css/font-awesome.min.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/footer/css/font-awesome.min.css
Origin: https://www.eldersweather.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Tue, 23 Feb 2021 03:13:41 GMT
Server: AmazonS3
x-amz-request-id: 3999R1SP1JDZSHSD
ETag: "e6cf7c6ec7c2d6f670ae9d762604cb0b"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 71896
x-amz-id-2: PKcSXuGOV1IcLBWo0NMTZ1Ad5YF4bD/A59Xd6PgOwGFcJlxFc3CG1doYAvZDf9/N8iJ3imaGN/I=

GET
H/1.1 200
OK icon-breadcrumb.gif
weatherengine.s3.amazonaws.com/images/ 72 B
427 B 106ms
106ms Image
image/gif 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/images/icon-breadcrumb.gif
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/assets/application-c65766b1635d2eb6914f83b9ef9a0d8f9a101e11c5cfccf9138cc9a754ee310d.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a7675174e108a214f9c90dcd5f621e6e043667f17f53b629bbf39b46b90d7209

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/assets/application-c65766b1635d2eb6914f83b9ef9a0d8f9a101e11c5cfccf9138cc9a754ee310d.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Tue, 23 Feb 2021 00:45:14 GMT
Server: AmazonS3
x-amz-request-id: 3998JBD2KNGNZ63A
ETag: "a8211d3490a3e9834764dc353b4c7eec"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 72
x-amz-id-2: tnoA3zH0JQ9QnJLlnRD8Lc0JsU/sDGIpUrpQcsEIvFCG0kIs2y9ilcsXE5mzadRKXtObit2nK3U=

GET
H/1.1 200
OK search.png
weatherengine.s3.amazonaws.com/images/elders/ 1 KB
2 KB 127ms
127ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/images/elders/search.png
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4dc9283bd06dc4224852471a0ba8cfc107dbc29f902a97fc614093e630f2074f

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Tue, 23 Feb 2021 00:45:14 GMT
Server: AmazonS3
x-amz-request-id: 3991ABHC3QXFD34M
ETag: "9d705ae89f7cf6c3a724805858552c9a"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1398
x-amz-id-2: vypAe3jIzAymQKAAd34A45bC8Ouns0r0eo7YnXBs0sGnbED51Qz2uX2d95nmqDqEaKFICHLwTxQ=

GET
H/1.1 200
OK Lato-Bold.woff2
weatherengine.s3.amazonaws.com/resources/css/elders/template/css/fonts/ 181 KB
181 KB 330ms
131ms Font
binary/octet-stream 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/fonts/Lato-Bold.woff2
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/fonts.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ae88fc0d7a961832f809527d30bd3983a6866d42f66a56ade23f543681594db6

Request headers

Referer: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/fonts.css
Origin: https://www.eldersweather.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Tue, 23 Feb 2021 03:13:41 GMT
Server: AmazonS3
x-amz-request-id: 399A1C84CARZ5393
ETag: "cccb897485813c7c256901dbca54ecf2"
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Allow-Methods: GET
Content-Type: binary/octet-stream
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Content-Length: 184912
x-amz-id-2: OLk9F+puqXw5B4rYlWYokAVJF1j8uNsNmxb5ruXLiUfEiVzzzgJFseH8hO45jEs5gY9nUDdtko0=

GET
H/1.1 200
OK warnings@2x.png
weatherengine.s3.amazonaws.com/styles/icons/elders/common/ 849 B
1 KB 183ms
110ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/icons/elders/common/warnings@2x.png
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/styles.css?r=4.1.0&d=2019071703
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0c4ef37267a6e814c86952dc2a971f11910a89be1114f6dc9b4f776b77196b36

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/styles.css?r=4.1.0&d=2019071703
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:10:30 GMT
Server: AmazonS3
x-amz-request-id: 3995EQGZKT0G182B
ETag: "78710e8eeaac496324a27dadc73f9027"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 849
x-amz-id-2: gsBeCy9PVRCR0kIDPOQm+bNw18Vfj8SWyIPM+EE7CQip75cM/oKou4f0Opapaoy9qKdZLFmPbKQ=

GET
H/1.1 200
OK right-arrow.png
weatherengine.s3.amazonaws.com/styles/icons/elders/common/ 408 B
764 B 241ms
122ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/icons/elders/common/right-arrow.png
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/styles.css?r=4.1.0&d=2019071703
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6a3830b80e9a4551cb579f238ba8b1fc322a49aaaf7a2fe9be02b4dca313b3c7

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/css/styles.css?r=4.1.0&d=2019071703
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:10:30 GMT
Server: AmazonS3
x-amz-request-id: 3995X2FT818DDEJM
ETag: "55268e6b72db67068158c0fa8f5d3da6"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 408
x-amz-id-2: sQGoh3f9ZsDTmFFbEWNDfoxCfKda/9I3sH65x/Lq/V5evtgIwZYjrz4tgfLq8nbCGlXSggxewSY=

GET
H/1.1 200
OK news@2x.png
weatherengine.s3.amazonaws.com/styles/icons/elders/common/ 369 B
725 B 331ms
116ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/icons/elders/common/news@2x.png
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 67eb6d41701078c5ef92e8feb7b76cbdb73e79807d0c674ff7d228d7141788b1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:10:30 GMT
Server: AmazonS3
x-amz-request-id: 399DKDWFRHGEBF0F
ETag: "6d7f5641d4030cb47234979c25efbb0f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 369
x-amz-id-2: bcC+qoq5LwfOaT1gxj4vW+plWh2QeNQXUA3PHdf62gWDIotY5lyR2MU4mpRRPjbrwCtQW7KqHww=

GET
H/1.1 200
OK bg-footer.png
weatherengine.s3.amazonaws.com/styles/images/elders/images/template/footer/images/ 16 KB
17 KB 109ms
109ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/styles/images/elders/images/template/footer/images/bg-footer.png
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/footer/css/style.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 737d04d15b981517e30ec79a7d07f76b4bbd826c68d552202b7aad10d9a2f68a

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/resources/css/elders/template/footer/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Mon, 22 Feb 2021 06:11:26 GMT
Server: AmazonS3
x-amz-request-id: 3991D1N8567QKC9W
ETag: "97f8b9dadbcca210ddc7d561837b047b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 16764
x-amz-id-2: xC+49bEQUrRGzwH7DYOX8Mz53grclMbIJryPNVNvWw12PLLZyf6j8ujVnpzcK+EiitIHm15pgAA=

GET
H/1.1 200
OK favourtie-white@2x.png
weatherengine.s3.amazonaws.com/images/elders/ 681 B
1 KB 257ms
116ms Image
image/png 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weatherengine.s3.amazonaws.com/images/elders/favourtie-white@2x.png
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1964fc4bfd7cd579a2aa7e23a9a56ff25b5d311ad659a993516661197e341eab

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Tue, 23 Feb 2021 00:45:14 GMT
Server: AmazonS3
x-amz-request-id: 39978N13Y586Q4C1
ETag: "4fedf26cc374317ab966097a6ec9a7dd"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 681
x-amz-id-2: NOjUodihc/PV3RSTbqThCET2MiwIa0bwxm49DoDWVC+DZ1f1xAcLAshEL8mqEjX3fWDegdvkyWs=

GET
H/1.1 200
OK smartbanner.min.css
weatherengine.s3.amazonaws.com/stylesheets/smartbanner/ 3 KB
3 KB 111ms
111ms Stylesheet
text/css 52.95.132.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://weatherengine.s3.amazonaws.com/stylesheets/smartbanner/smartbanner.min.css
Requested by: Host: weatherengine.s3.amazonaws.com
URL: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders_mobile.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.132.100 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: ca8613de85e2358114b5222044b8ba440d4c907c5747102cc560fd7b8fd71897

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://weatherengine.s3.amazonaws.com/system/cache/stylesheets/www.eldersweather.com.au/elders_mobile.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:42 GMT
Last-Modified: Tue, 23 Feb 2021 03:08:24 GMT
Server: AmazonS3
x-amz-request-id: 399A89Y44EV64NXP
ETag: "da77e62ca59a322eb47fbf30251a684c"
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 3164
x-amz-id-2: bx27r7wzv3iGm3mg6vd7XtQBdbdNu9LSlVH6u0FPJyFD4wewu193FKKmw/814VaLMc4MXpTrQfA=

GET
H2 200 l
use.typekit.net/af/3643c6/0000000000000000000175c2/27/ 38 KB
38 KB 675ms
169ms Font
application/font-woff2 23.49.60.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3643c6/0000000000000000000175c2/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.60.200 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-60-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 195b52decd1f76a30ebc43fca85996438269325d3fea2a41d77adaf06606c85c

Request headers

Referer: https://www.eldersweather.com.au/
Origin: https://www.eldersweather.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:42 GMT
server: nginx
etag: "a98d75734a3c5c3ff9eff0f9ec69d1f112cff858"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 38516

GET
H2 200 l
use.typekit.net/af/c8a60e/0000000000000000000175c8/27/ 38 KB
38 KB 859ms
353ms Font
application/font-woff2 23.49.60.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c8a60e/0000000000000000000175c8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.60.200 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-60-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: ed98861ceabd35fa982729e1d03247603d61885e7924a1a57eb0975e22b8582a

Request headers

Referer: https://www.eldersweather.com.au/
Origin: https://www.eldersweather.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:42 GMT
server: nginx
etag: "b0784ee89cb249e24ca920b25666a4fb08b0308c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 38880

GET
H2 200 l
use.typekit.net/af/8d5889/0000000000000000000175c1/27/ 37 KB
37 KB 712ms
207ms Font
application/font-woff2 23.49.60.200
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8d5889/0000000000000000000175c1/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.49.60.200 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-49-60-200.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3029d439a437e2c2605c96cc621c11210c105bfb7d87be5dbb8907bb9f2c72f7

Request headers

Referer: https://www.eldersweather.com.au/
Origin: https://www.eldersweather.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:42 GMT
server: nginx
etag: "2c78b3f7b76a36e3f9ddf4d5afc17cd0a5724a15"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 37968

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 505ms
167ms Script
text/javascript 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3X5QVK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 02 Mar 2023 01:27:31 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1451
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 02 Mar 2023 03:27:31 GMT

GET
H2 200 hotjar-66203.js Show response
static.hotjar.com/c/ 0
432 B 516ms
171ms Script
application/javascript 18.155.68.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-66203.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3X5QVK

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.68.111 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-68-111.sin52.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
date: Thu, 02 Mar 2023 01:51:42 GMT
x-content-type-options: nosniff
via: 1.1 386a6404e8fa2e50e2a13baba0abed68.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN52-P1
age: 17
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 0
etag: W/d41d8cd98f00b204e9800998ecf8427e
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: FQbez9O4wC2ZKw1F-S73ZJ-GppYCjLT4cshb_jlYb0Y8y8efK6bASA==

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.eldersweather.com.au/ 10 KB
4 KB 1397ms
1051ms XHR
application/javascript 13.33.33.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.eldersweather.com.au/choice.js?tag_version=V2
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2304/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-12.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d886a6db7b62c707dd1578aad6ae350ba2a240497b2eb110e12493b3e73963c1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:44 GMT
content-encoding: gzip
via: 1.1 bdcb0966d6e5d28eb31a406298268896.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Fri, 15 Jul 2022 05:32:30 GMT
server: AmazonS3
etag: W/"e997cfcc6cc61494dc99ecd502aa8838"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: max-age=3600
access-control-allow-credentials: true
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-amz-cf-id: lwm9INuNc36QQrggIWzjsesCiocjQHjMj2XJ603UwDEOEy00mqq9ig==

GET
H2 200 prebid-25193ef501f49f167e7c1553d6537cd9.js Show response
cdn.fuseplatform.net/prebid/ 331 KB
102 KB 176ms
176ms Script
application/x-javascript 23.52.171.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2304/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.171.106 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-52-171-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 301c4bb1808f4e44a2ac7ae8736d5c0278cad32bd6eeb37a2a33a14c28a12d82

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:42 GMT
content-encoding: gzip
last-modified: Wed, 01 Mar 2023 00:28:02 GMT
server: AkamaiNetStorage
etag: "39267ecb22426836368f05db699e9e87:1677630482.506275"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=86400000
accept-ranges: bytes
content-length: 103500
expires: Wed, 26 Nov 2025 01:51:42 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 222 KB
55 KB 539ms
195ms Script
application/javascript 13.33.79.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2304/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-79-24.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a5b4c02ebe0ac98330cd69b2bf3acddd4dac4dc43a7a228c7ff9d9cf8eb68785

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:01:22 GMT
content-encoding: gzip
via: 1.1 ae0ec5ab8a18fde2c85db3450129ee24.cloudfront.net (CloudFront), 1.1 b238fef36fc101d581d2aebbbc69d9a6.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 21:30:50 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P2, SIN2-P2
age: 3021
x-amz-server-side-encryption: AES256
etag: W/"2c112740356a90849c23eeb1700b20fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: iTr01LB8hdX2akp4Pexv21CrgrohtcDqsfYcmMREF_syemiPNc0X0g==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 77 KB
27 KB 507ms
170ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2304/fuse.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83fbc00f6072f000d59951f2d8caa93cb3c665ca6dd47ce467ea6f1421028e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26900
x-xss-protection: 0
server: sffe
etag: "1498 / 855 of 1000 / last-modified: 1677711908"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 02 Mar 2023 01:51:42 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
230 B 701ms
194ms Fetch
text/plain 23.52.171.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?v=1&ttm=1677721902202&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=872827ae-f64c-51b3-8332-06cf68705295&fid=2304&pubid=3&url=https%3A%2F%2Fwww.eldersweather.com.au%2F&sid=277a7ae94dac0a0f33b6&srate=100&adserver=gpt&etm=5526&e=fuse-load
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2304/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.171.106 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-52-171-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:42 GMT
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1
expires: Thu, 02 Mar 2023 02:21:42 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
215 B 170ms
169ms XHR
text/plain 172.253.118.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=735555074&t=pageview&_s=1&dl=https%3A%2F%2Fwww.eldersweather.com.au%2F&ul=en-us&de=UTF-8&dt=Today%27s%20Australia%20National%20Weather%20Forecast%20%7C%20Elders%20Weather&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=465574243&gjid=1112571620&cid=664250658.1677721902&tid=UA-5265544-4&_gid=224197532.1677721902&_r=1&_slc=1&gtm=45He32r0n81W3X5QVK&z=606305204

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f102.1e100.net

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 8 B
359 B 514ms
171ms XHR
text/plain 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-5265544-4&cid=664250658.1677721902&jid=465574243&gjid=1112571620&_gid=224197532.1677721902&_u=YEBAAEAAAAAAACAAI~&z=111567550

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

Golfe2 /

Resource Hash

7817ee889e9c73351b96c97c740c9dd746ba87ebd6c6fcab3cd77cd021920ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 02 Mar 2023 01:51:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 788ms
169ms Image
image/gif 23.52.171.104
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=wos8qzo&ht=tk&h=www.eldersweather.com.au&f=4648.4649.4650&a=11249&js=1.21.0&app=typekit&e=js&_=1677721902708
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.171.104 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-52-171-104.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:43 GMT
last-modified: Sun, 03 Oct 2021 07:53:18 GMT
server: nginx
etag: "6159616e-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H2 200 pubads_impl_2023022701.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 169ms
168ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6265a847e8ef645ae49eefb6efdd0659672dd17c55167c74bb067750daa399f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 11:58:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 222765
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132634
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 09:35:45 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 27 Feb 2024 11:58:57 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 130 B
112 B 517ms
174ms XHR
application/json 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.eldersweather.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-52-74-168-55.ap-southeast-1.compute.amazonaws.com

Software

cafe /

Resource Hash

98353de43dbb094ad6e868d4360b19172caee5e4d7f84f0bfdc1485f235e23fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87
x-xss-protection: 0
expires: Thu, 02 Mar 2023 01:51:43 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 513ms
172ms XHR
application/javascript 13.33.79.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-79-24.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: pfXD8LfbTWwWYbVa8nASYbe6_QUldhGN
content-encoding: gzip
via: 1.1 25ccb72e6feb2f32f12173080f83f590.cloudfront.net (CloudFront)
date: Wed, 01 Mar 2023 22:05:24 GMT
x-amz-cf-pop: SIN2-P2
age: 13821
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 23:43:01 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: gXHI4is4pxbtqskBnqUrIPgb1yg9VzOo8J_JM3fWvh21ndtsWb58YQ==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
315 B 170ms
170ms XHR
text/plain 13.33.79.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.eldersweather.com.au&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.79.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-79-24.sin2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 00:01:07 GMT
via: 1.1 b238fef36fc101d581d2aebbbc69d9a6.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN2-P2
age: 6635
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: M0KcO5EGVOU9C-jzmvjAkTpqwigya3Ipy1nDdiAXCihHNmuQj3emkg==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 511ms
172ms Image
image/gif 74.125.24.99
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-5265544-4&cid=664250658.1677721902&jid=465574243&_u=YEBAAEAAAAAAACAAI~&z=1098154507

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f99.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com.au/ads/ 42 B
408 B 512ms
174ms Image
image/gif 74.125.24.94
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com.au/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-5265544-4&cid=664250658.1677721902&jid=465574243&_u=YEBAAEAAAAAAACAAI~&z=1098154507

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f94.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag Show response
btloader.com/ 53 KB
14 KB 269ms
93ms Script
application/javascript 172.67.70.134
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2304/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.70.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a7f1a87f793f525b45bf25122d0376175c3fd3204c4f800d88fe0bd7a50e6a1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:43 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 02 Mar 2023 01:14:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2256
etag: W/"a5a8bd0a11512d89ff43a881db29a508"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BIobX52rq%2FZPaf%2BsNmMvcF8dBkIdlWWJ%2F%2BkkLODzH%2FZ9Kzh7WZ3n%2FnKhEVEhcneEX2n%2FK0E2JJTlxb4W5PfMKNng%2FptWkzUgR9bZpyClq82FjsczluGCdwfp443P2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 7a15ff09ae7a299d-MEL

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.eldersweather.com.au/ 10 KB
4 KB 516ms
176ms Script
application/javascript 13.33.33.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.eldersweather.com.au/choice.js?tag_version=V2
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2304/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-12.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d886a6db7b62c707dd1578aad6ae350ba2a240497b2eb110e12493b3e73963c1

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:44 GMT
content-encoding: gzip
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
last-modified: Fri, 15 Jul 2022 05:32:30 GMT
server: AmazonS3
x-amz-cf-pop: SIN2-P1
age: 19
x-amz-server-side-encryption: AES256
etag: W/"e997cfcc6cc61494dc99ecd502aa8838"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: cZ63bP5NhEIqVK-36n36i4J6IJ3cLhA4zH1j-tL2z9jCvLFjBzCl2A==

GET
H2 200 px.gif
ad-delivery.net/ 43 B
868 B 267ms
92ms Image
image/gif 172.67.69.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1317320
x-guploader-uploadid: ADPycduD6HI_jxB-ldfRsetn4C-LC4uDnsckA-1dctbxpQ7QR-lYqlSxmZELDnX8jiOlQes9nAKiRVRQ9pVGQGhXuUCrvQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NjINA1cu6PEiAU%2F2YAWPr4dVCXXXLdbsHkPlLwpCUJMo11EYKho9gylMOqS8FEZL5WOQt33NuGo%2BlwMZrA3eymo1g9hjBhDK0cREpLVPQCZVgEVZ053dV6%2BehvWAwafiyg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7a15ff0b6b14df2c-MEL
expires: Tue, 14 Feb 2023 20:56:23 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 727ms
168ms Image
image/x-icon 142.251.10.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sd-in-f149.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 04:06:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78326
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 04:06:18 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
323 B 270ms
96ms Image
image/gif 172.67.69.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.2268454170353844
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1317320
x-guploader-uploadid: ADPycduD6HI_jxB-ldfRsetn4C-LC4uDnsckA-1dctbxpQ7QR-lYqlSxmZELDnX8jiOlQes9nAKiRVRQ9pVGQGhXuUCrvQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdwmGi3NsH97kx7RsIYjdF%2FF56sTYtl9wGEy6e7Pyrp4mLIdUgi7RE%2FDNuN6JEIUkSmRYMT288Vp3G5se2rrDeh61W4xtevGsdgH0vBndzXstVpMTnD94tF%2BoO32QdO41w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 7a15ff0b6b15df2c-MEL
expires: Tue, 14 Feb 2023 20:56:23 GMT

GET
H2 200 cmp2.js Show response
cmp.quantcast.com/tcfv2/ 178 KB
47 KB 198ms
197ms Script
text/javascript 13.33.33.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=www.eldersweather.com.au
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/PRrmquD1Ggcb1/www.eldersweather.com.au/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.33.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-33-12.sin2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a15e530e5c2ecf56f02734b014ea604bc9416bbb6c3ae7370c9fa946252dd593

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:35:35 GMT
content-encoding: gzip
via: 1.1 626bcc948b842c34ed60b35c5e127f38.cloudfront.net (CloudFront)
x-amz-cf-pop: SIN2-P1
age: 970
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Wed, 08 Feb 2023 17:32:59 GMT
server: AmazonS3
etag: W/"6b0a086b916dbc23eeeb46d099e7aa8b"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
vary: Accept-Encoding
x-amz-cf-id: bQ5xeQEVeFOHpSJP97dB8WleDmLXZpyna-w8W1WKIlKdF13V_ZuD8g==

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 448ms
273ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: fa1f876cb70f7a711191b9dab191d9cc1c037ae4f5f5ea032dfe742f51c07f65

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:44 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 449ms
274ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=qy7mch96Y&w=5657810661539840&o=5708166709903360&cv=2.1.07-4-g5b119f8&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.eldersweather.com.au%2F&sid=oNKwzFDT&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?o=5708166709903360&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 02 Mar 2023 01:51:44 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 36 B
570 B 534ms
355ms XHR
application/json 104.18.24.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=623405&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2217f324bddba40d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.eldersweather.com.au%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A9%2C%22msi%22%3A9%2C%22mfu%22%3A0%2C%22bu%22%3A5%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A5%2C%22ren%22%3Afalse%2C%22version%22%3A%226.27.0%22%2C%22userIds%22%3A%5B%5D%2C%22url%22%3A%22https%3A%2F%2Fwww.eldersweather.com.au%2F%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%222b95fd69a31e46%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22623405%22%2C%22sid%22%3A%22468x60%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22623405%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2234be2411b1f7e8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A1%2C%22h%22%3A1%2C%22ext%22%3A%7B%22siteID%22%3A%22623405%22%2C%22sid%22%3A%221x1%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22623405%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2249b2018d33bec3%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22623405%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%225c9929832a1537%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A468%2C%22h%22%3A60%2C%22ext%22%3A%7B%22siteID%22%3A%22623405%22%2C%22sid%22%3A%22468x60%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22623405%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22690318785065c1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22623405%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22623405%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22publift.com%22%2C%22sid%22%3A%2201E1GE0P2SJW4VHN8F6YHGGTMF%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 782df29c4bb6766cc543653878ee2800b047eb22edeb35973cadf7e496fb5661

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:44 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NiAm45WfihSjoTzTFc9BBZXigtGzZMos%2Fa9jFSRDARRzSKTBFkT%2BhknfAiw1e1M3WoPqRcVBCw7JisBYHOPMvc1QoAfDRt6tHtxVO6r2oE2vxDtfVQR3w69j%2F6e0EwkURCKcBKOg"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 7a15ff108d3429a6-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 36
expires: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 959 B
2 KB 527ms
178ms XHR
application/json 23.106.127.48
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.48 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: d2d489b3037a93d2a9fd172f53c012d707b78d4f15f019ed70e85d903eb28c4b

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:44 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.eldersweather.com.au
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 1001 B
2 KB 530ms
182ms XHR
application/json 23.106.127.48
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.48 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: f989bb47268d69d133e07db1dfab0a8d4a01ad76dfabe359737c1230fde6c07d

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:44 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.eldersweather.com.au
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 1 KB
2 KB 529ms
181ms XHR
application/json 23.106.127.48
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.48 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: fc11879d63c702e52a3fca2fdb414c7392b6899559da8a241a290a7897736264

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:44 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.eldersweather.com.au
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 929 B
2 KB 527ms
180ms XHR
application/json 23.106.127.48
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.48 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: a3ea7b2bef0aac0e607b8c5f6f326d6b6662d49934c833dc809f7d5c5cee0cdb

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:44 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.eldersweather.com.au
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 1 KB
2 KB 524ms
178ms XHR
application/json 23.106.127.48
LEASEWEB-APAC-SIN...

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.106.127.48 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software: /
Resource Hash: 1151e684839800de1f541e946af87aa4e3e8bc348ad8e2576e1fc49e8899fea2

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:44 GMT
content-encoding: br
transfer-encoding: chunked
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.eldersweather.com.au
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 440 B
969 B 895ms
429ms XHR
application/json 54.64.5.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1677721904507&to=0&aun=fuse-slot-21631508592-1&maxw=728&maxh=90&si=113330&pi=3&bf=468x60%2C728x90&gdprApplies=0&schain=1.0%2C1!publift.com%2C01E1GE0P2SJW4VHN8F6YHGGTMF%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.eldersweather.com.au%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=null&ns=9421
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.5.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-5-129.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1a0a3d45e19a1f51ff161070304fccf9dbd03376fba82c0cb8216e82b7be6d49

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:45 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 440 B
970 B 697ms
232ms XHR
application/json 54.64.5.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1677721904508&to=0&aun=fuse-slot-21631508592-1&maxw=728&maxh=90&si=113331&pi=3&bf=468x60%2C728x90&gdprApplies=0&schain=1.0%2C1!publift.com%2C01E1GE0P2SJW4VHN8F6YHGGTMF%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.eldersweather.com.au%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=null&ns=9421
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.5.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-5-129.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 11fb3e5358ae0c930c1dea226c552fa6a780b626e080d4d86857f8cfa97a5c3e

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:45 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 440 B
971 B 694ms
230ms XHR
application/json 54.64.5.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1677721904508&to=0&aun=fuse-slot-21631493798-1&maxw=300&maxh=250&si=113327&pi=3&bf=1x1%2C300x250&gdprApplies=0&schain=1.0%2C1!publift.com%2C01E1GE0P2SJW4VHN8F6YHGGTMF%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.eldersweather.com.au%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=null&ns=9421
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.5.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-5-129.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dde15ca1c7789ee573d7f6495725bedc09e570d8d0acae7601b6161d5397a487

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:45 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 440 B
970 B 692ms
229ms XHR
application/json 54.64.5.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1677721904508&to=0&aun=fuse-slot-21631493342-1&maxw=300&maxh=250&si=113327&pi=3&bf=300x250&gdprApplies=0&schain=1.0%2C1!publift.com%2C01E1GE0P2SJW4VHN8F6YHGGTMF%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.eldersweather.com.au%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=null&ns=9421
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.5.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-5-129.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: abac4bb8d95b886d06be50d7b4bd272a97f75606490f1d30324d6b8142e6178b

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:45 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 440 B
968 B 695ms
233ms XHR
application/json 54.64.5.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1677721904508&to=0&aun=fuse-slot-21631493702-1&maxw=728&maxh=90&si=113330&pi=3&bf=468x60%2C728x90&gdprApplies=0&schain=1.0%2C1!publift.com%2C01E1GE0P2SJW4VHN8F6YHGGTMF%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.eldersweather.com.au%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=null&ns=9421
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.5.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-5-129.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5f5e0729db44df008ca46f06ef0cd1ed260a8533038f5ba8932004a08986736e

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:45 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 440 B
968 B 692ms
231ms XHR
application/json 54.64.5.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1677721904509&to=0&aun=fuse-slot-21631493702-1&maxw=728&maxh=90&si=113331&pi=3&bf=468x60%2C728x90&gdprApplies=0&schain=1.0%2C1!publift.com%2C01E1GE0P2SJW4VHN8F6YHGGTMF%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.eldersweather.com.au%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=null&ns=9421
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.5.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-5-129.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d02e5a7fcfb1187745e51236606fc788a096e2e3574db7496936a82b6e08e809

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:45 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ 440 B
967 B 692ms
231ms XHR
application/json 54.64.5.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?lt=1677721904509&to=0&aun=fuse-slot-22712184712-1&maxw=970&maxh=90&si=113331&pi=3&bf=728x90%2C970x90&gdprApplies=0&schain=1.0%2C1!publift.com%2C01E1GE0P2SJW4VHN8F6YHGGTMF%2C1%2C%2C%2C&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.eldersweather.com.au%2F&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%226.27.0%22%7D&ogu=null&ns=9421
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.5.129 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-5-129.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 288ead3b6116a8aad98d76895391e36bbe10bcd240ca89082ed12b4963472491

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:45 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 arj Show response
publift-d.openx.net/w/1.0/ 174 B
596 B 567ms
392ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://publift-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.eldersweather.com.au%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c1fe286d-1017-46cf-8afc-3b700e9f1872%2Ca3d34b85-d96f-4a50-ab4f-ba7a5f1717a4%2C5d6c5e2e-1b77-4bcf-af09-c32b6c72619f%2C8849a6cb-a212-423c-836f-ff3d48362868%2C9420f569-e6ae-4809-af32-af62021d7298&nocache=1677721904516&gdpr=0&schain=1.0%2C1!publift.com%2C01E1GE0P2SJW4VHN8F6YHGGTMF%2C1%2C%2C%2C&aus=468x60%2C728x90%7C1x1%2C300x250%7C300x250%7C468x60%2C728x90%7C728x90%2C970x90&divids=fuse-slot-21631508592-1%2Cfuse-slot-21631493798-1%2Cfuse-slot-21631493342-1%2Cfuse-slot-21631493702-1%2Cfuse-slot-22712184712-1&aucs=%2C%2C%2C%2C&auid=544052373%2C544052373%2C544052373%2C544052373%2C544052373
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a6ce561849982396ceb8b74fa63bd29becd8dc0d185d0294390e255f36ea6a7e

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:44 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 164
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
513 B 616ms
271ms XHR
application/json 52.74.168.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=6.27.0&referrer=https%3A%2F%2Fwww.eldersweather.com.au%2F&tmax=1000&gdpr=false

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.74.168.55 , Singapore, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:45 GMT
accept-ch: sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
226 B 556ms
215ms XHR
text/plain 182.161.73.145
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.27.0&cb=21405518068

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Mar 2023 01:51:44 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.eldersweather.com.au
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 15 KB
9 KB 824ms
368ms XHR
application/json 104.254.151.60
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

fde82e2b95e8e53bb1c2acde4e9c39dfd419bf7ec4794f7e05e8ecc7dfa55258

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 02 Mar 2023 01:51:45 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 103.209.254.40; 103.209.254.40; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: fc9d65a6-6e79-45bd-bb03-e331adadb6fb
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.eldersweather.com.au
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 v2 Show response
i.connectad.io/api/ 130 B
526 B 685ms
508ms XHR
application/json 172.67.8.174
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://i.connectad.io/api/v2
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.8.174 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ffcdaa1b3f1c244728c649e879bfedec025e1dd502e16fdce0453b63684935f

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Mar 2023 01:51:45 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: https://www.eldersweather.com.au
content-type: application/json
cache-control: no-cache, private
access-control-allow-credentials: true
cf-ray: 7a15ff10adb25a67-MEL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 c Show response
prebid.a-mo.net/a/ 584 B
871 B 950ms
372ms XHR
application/json 145.40.89.200
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 45d69e23128c0d897b920aca97e6099b5f6696706e15fe1b5ae31dbf37064f3d

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 02 Mar 2023 01:51:44 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 85
content-length: 301

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
511 B 780ms
266ms XHR
application/json 23.207.181.47
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.207.181.47 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-207-181-47.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:45 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Thu, 02 Mar 2023 01:51:45 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
535 B 738ms
245ms XHR
application/json 209.191.163.209
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.27.0
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 209.191.163.209 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: f21858e25478a641d3043e924219563fa81704171910fbe14c275ba9e8a14e12

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

Date: Thu, 02 Mar 2023 01:51:45 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.eldersweather.com.au
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3sfo1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
584 B 764ms
249ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=360968&zone_id=1947930&size_id=2&alt_size_ids=1&gdpr=0&rp_schain=1.0,1!publift.com,01E1GE0P2SJW4VHN8F6YHGGTMF,1,,,&rf=https%3A%2F%2Fwww.eldersweather.com.au%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=c1fe286d-1017-46cf-8afc-3b700e9f1872&l_pb_bid_id=74da1946c401965&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.41981151002267936
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 48a7195f070eb3c7ad2bac8af70df27b12e0488389724760edd09e86dfb6fc02

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:45 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.eldersweather.com.au
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 259
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
565 B 793ms
279ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=360968&zone_id=1947928&size_id=15&alt_size_ids=221&gdpr=0&rp_schain=1.0,1!publift.com,01E1GE0P2SJW4VHN8F6YHGGTMF,1,,,&rf=https%3A%2F%2Fwww.eldersweather.com.au%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=a3d34b85-d96f-4a50-ab4f-ba7a5f1717a4&l_pb_bid_id=756bf61e1a05c3f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3557243779517725
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 537a363620e8461bd8532be7054ebe40ebae18d856d0a278fc701b30ebccadc7

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:45 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.eldersweather.com.au
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 241
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
797 B 746ms
232ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=360968&zone_id=1947924&size_id=15&gdpr=0&rp_schain=1.0,1!publift.com,01E1GE0P2SJW4VHN8F6YHGGTMF,1,,,&rf=https%3A%2F%2Fwww.eldersweather.com.au%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=5d6c5e2e-1b77-4bcf-af09-c32b6c72619f&l_pb_bid_id=764f50a5fd7f4b9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.3454288728646173
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 5bf90701f002702ce05ed99e8c5abfc376705556125d5f929c871ba712c2afde

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:45 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.eldersweather.com.au
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 241
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 259 B
583 B 748ms
235ms XHR
application/json 69.173.158.65
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20884&site_id=360968&zone_id=1947926&size_id=2&alt_size_ids=1&gdpr=0&rp_schain=1.0,1!publift.com,01E1GE0P2SJW4VHN8F6YHGGTMF,1,,,&rf=https%3A%2F%2Fwww.eldersweather.com.au%2F&tk_flint=pbjs_lite_v6.27.0&x_source.tid=8849a6cb-a212-423c-836f-ff3d48362868&l_pb_bid_id=774f7810d7bd72e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.439014488419212
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 34d1c25672ccafa000d00af43f3670c1370bd10d0222bc5d8c5b73dcc3e8ff98

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:45 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.eldersweather.com.au
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 259
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
122 B 523ms
181ms XHR
text/plain 103.231.98.193
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 103.231.98.193 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.eldersweather.com.au/
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.eldersweather.com.au
date: Thu, 02 Mar 2023 01:51:43 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 134 B
474 B 637ms
289ms XHR
text/javascript 13.33.30.231
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.eldersweather.com.au%2F&pid=jBHR4eQUVHVLP&cb=0&ws=1600x1200&v=23.225.2013&t=2000&slots=%5B%7B%22sd%22%3A%22fuse-slot-21631508592-1%22%2C%22s%22%3A%5B%22468x60%22%2C%22728x90%22%5D%2C%22sn%22%3A%221018416%2Fnew_weather_bottom_728x90%22%7D%2C%7B%22sd%22%3A%22fuse-slot-21631493798-1%22%2C%22s%22%3A%5B%221x1%22%2C%22300x250%22%5D%2C%22sn%22%3A%221018416%2Fnew_weather_Rside1_300x250%22%7D%2C%7B%22sd%22%3A%22fuse-slot-21631493342-1%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%221018416%2Fnew_weather_Rside2_300x250%22%7D%2C%7B%22sd%22%3A%22fuse-slot-22712184712-1%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%221018416%2FTWC_eldersweather%2Fdesktop_sticky_footer%22%7D%2C%7B%22sd%22%3A%22fuse-slot-21631493702-1%22%2C%22s%22%3A%5B%22468x60%22%2C%22728x90%22%5D%2C%22sn%22%3A%221018416%2Fnew_weather_top_728x90%22%7D%5D&schain=1.0%2C1!publift.com%2C01E1GE0P2SJW4VHN8F6YHGGTMF%2C1%2C%2C%2C&pubid=8b48e249-e9e6-4a52-8b48-396ea93403e8&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.30.231 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-30-231.sin2.r.cloudfront.net
Software: Server /
Resource Hash: 134684ff420584267ef0d326d45c63564eef609ca2ba0b0ba04c18db013f2d47

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:44 GMT
via: 1.1 4d52d2bee89a499a2c7d426aa79a8efa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: SIN2-P1
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.eldersweather.com.au
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 134
x-amz-cf-id: 4sfDcQ9ur7sQURAyvy42_-kJRrgveQXHV71R1JsR4vyQw5wI_3zdnw==

GET
H/1.1

200
OK

iu3 Show response
s.amazon-adsystem.com/ Frame B436
Redirect Chain

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=rbd_ox-db5_n-inmobi_an-db5_3lift
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=rbd_ox-db5_n-inmobi_an-db5_3lift&dcc=t

304 B
1 KB

311ms
310ms

Document
text/html

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=rbd_ox-db5_n-inmobi_an-db5_3lift&dcc=t

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

dc94174b6955129f60e20bd00c011b5beb77cb46beb23e502e55b4d80e867a30

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://www.eldersweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 304
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 02 Mar 2023 01:51:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: W10PT60VEMNXQ0J9KP3H

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Thu, 02 Mar 2023 01:51:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=rbd_ox-db5_n-inmobi_an-db5_3lift&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: TJQ132W598E0997BWV40

GET
H2 200 integrator.js Show response
adservice.google.com.au/adsid/ 107 B
531 B 510ms
171ms Script
application/javascript 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com.au/adsid/integrator.js?domain=www.eldersweather.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 511ms
170ms Script
application/javascript 74.125.24.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.eldersweather.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f157.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 174 KB
45 KB 678ms
678ms XHR
text/plain 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4071249316882924&correlator=2068820056156643&output=ldjh&gdfp_req=1&vrg=2023022701&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&iu_parts=1018416%2Cnew_weather_bottom_728x90%2Cnew_weather_Rside1_300x250%2Cnew_weather_Rside2_300x250%2CTWC_eldersweather%2Cdesktop_sticky_footer%2Cnew_weather_top_728x90&enc_prev_ius=0%2F1%2C0%2F2%2C0%2F3%2C0%2F4%2F5%2C0%2F6&prev_iu_szs=320x50%7C468x60%7C728x90%2C320x50%7C1x1%7C300x250%2C320x50%7C300x250%2C728x90%7C970x90%2C320x50%7C468x60%7C728x90&fluid=height%2Cheight%2Cheight%2C0%2Cheight&ifi=1&adks=2029540140%2C992480374%2C359090668%2C2831991766%2C1422576082&sfv=1-0-40&prev_scp=amznbid%3D2%26amznp%3D2%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.02%26hb_adid%3D8542265ec93d2ae%26hb_bidder%3Dappnexus%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Camznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Camznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Camznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0%7Camznbid%3D2%26amznp%3D2%26is_refresh%3Dfalse%26slot_prev_count%3D0%26adunit_prev_count%3D0&eri=1&cust_params=fuse_profanity%3Dfalse%26fuse_site%3Dwww.eldersweather.com.au%26fuse_path%3D%252F%26fuse_query%3D%26fuse_category%3D%26fuse_industry%3DIAB12%26testmode%3Dfalse%26inskin_yes%3Dtrue%26fuse_uuid%3D872827ae-f64c-51b3-8332-06cf68705295%26fuse_publication_id%3D3%26GPT_READY_MS%3D6000-6999%26PREBID_READY_MS%3D5000-5999%26UAM_READY_MS%3D6000-6999%26CMP_DETERMINED_MS%3D7000-7999%26CMP_GDPR_CACHED%3Dfalse%26FUSE_LOADED_MS%3D5000-5999%26CMP_JURISDICTION%3Dnone%26CMP_ALLOW_PERSONAL%3Dtrue%26GPT_AUCTION_START_MS%3D8000-8999%26CMP_LOAD_FINISH_MS%3D7000-7999%26FIRST_ZONE_MS%3D7000-7999%26HB_AUCTION_START_MS%3D7000-7999&sc=1&cookie_enabled=1&abxe=1&dt=1677721905500&lmt=1677721905&dlt=1677721899911&idt=3485&adxs=695%2C980%2C980%2C436%2C422&adys=51%2C365%2C1127%2C1245%2C1770&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C1%7C2&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.eldersweather.com.au%2F&frm=20&vis=1&psz=728x0%7C300x0%7C300x0%7C0x-1%7C728x0&msz=468x0%7C300x0%7C300x0%7C728x-1%7C468x0&fws=132%2C132%2C132%2C644%2C132&ohw=1600%2C300%2C300%2C970%2C1016&ga_vid=664250658.1677721902&ga_sid=1677721906&ga_hid=735555074&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e97e3d6c05316b73cb5bfcbdab9e6a6e4f09473974ae98dc3b8016be21733f1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45807
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.eldersweather.com.au
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
230 B 171ms
171ms Fetch
text/plain 23.52.171.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=21631508592&cmpj=none&v=1&ttm=1677721905518&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=872827ae-f64c-51b3-8332-06cf68705295&fid=2304&pubid=3&url=https%3A%2F%2Fwww.eldersweather.com.au%2F&sid=277a7ae94dac0a0f33b6&srate=100&adserver=gpt&etm=8841&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2304/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.171.106 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-52-171-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:45 GMT
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1
expires: Thu, 02 Mar 2023 02:21:45 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
230 B 176ms
176ms Fetch
text/plain 23.52.171.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=21631493798&cmpj=none&v=1&ttm=1677721905519&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=872827ae-f64c-51b3-8332-06cf68705295&fid=2304&pubid=3&url=https%3A%2F%2Fwww.eldersweather.com.au%2F&sid=277a7ae94dac0a0f33b6&srate=100&adserver=gpt&etm=8842&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2304/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.171.106 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-52-171-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:45 GMT
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1
expires: Thu, 02 Mar 2023 02:21:45 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
230 B 178ms
178ms Fetch
text/plain 23.52.171.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=21631493342&cmpj=none&v=1&ttm=1677721905519&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=872827ae-f64c-51b3-8332-06cf68705295&fid=2304&pubid=3&url=https%3A%2F%2Fwww.eldersweather.com.au%2F&sid=277a7ae94dac0a0f33b6&srate=100&adserver=gpt&etm=8843&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2304/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.171.106 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-52-171-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:45 GMT
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1
expires: Thu, 02 Mar 2023 02:21:45 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
230 B 176ms
176ms Fetch
text/plain 23.52.171.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=22712184712&cmpj=none&v=1&ttm=1677721905520&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=872827ae-f64c-51b3-8332-06cf68705295&fid=2304&pubid=3&url=https%3A%2F%2Fwww.eldersweather.com.au%2F&sid=277a7ae94dac0a0f33b6&srate=100&adserver=gpt&etm=8843&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2304/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.171.106 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-52-171-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:45 GMT
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1
expires: Thu, 02 Mar 2023 02:21:45 GMT

GET
H2 200 noconsent Show response
cdn.fuseplatform.net/telemetry/ 1 B
230 B 176ms
176ms Fetch
text/plain 23.52.171.106
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.fuseplatform.net/telemetry/noconsent?auid=21631493702&cmpj=none&v=1&ttm=1677721905520&cookie=true&res=1600x1200&device=desktop&browser=chrome&fuuid=872827ae-f64c-51b3-8332-06cf68705295&fid=2304&pubid=3&url=https%3A%2F%2Fwww.eldersweather.com.au%2F&sid=277a7ae94dac0a0f33b6&srate=100&adserver=gpt&etm=8844&e=slot-request
Requested by: Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/publift/tags/2/2304/fuse.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.52.171.106 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-52-171-106.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2d711642b726b04401627ca9fbac32f5c8530fb1903cc4db02258717921a4881

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:45 GMT
last-modified: Wed, 10 Aug 2022 11:31:51 GMT
server: AkamaiNetStorage
etag: "9dd4e461268c8034f5c8564e155c67a6:1660131111.248793"
vary: Origin
content-type: text/plain
access-control-allow-origin: https://www.eldersweather.com.au
cache-control: max-age=1800
accept-ranges: bytes
content-length: 1
expires: Thu, 02 Mar 2023 02:21:45 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 518ms
180ms XHR
application/json 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d25d3338a3bad57e7304968b20fff9da18658b996ccb77855a2e9102495c725

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:45 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11422
x-xss-protection: 0

GET
H2 200 container.html Show response
1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 32C8 6 KB
3 KB 514ms
169ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eldersweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 01:51:45 GMT
expires: Fri, 01 Mar 2024 01:51:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ 87 KB
28 KB 685ms
341ms Script
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: cdn.fuseplatform.net
URL: https://cdn.fuseplatform.net/prebid/prebid-25193ef501f49f167e7c1553d6537cd9.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Mar 2023 01:51:45 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 779ms
436ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 01:51:46 GMT

GET
H2 200 container.html Show response
1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DC9C 6 KB
3 KB 170ms
169ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eldersweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 01:51:45 GMT
expires: Fri, 01 Mar 2024 01:51:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9BFC 6 KB
3 KB 174ms
174ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eldersweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 01:51:45 GMT
expires: Fri, 01 Mar 2024 01:51:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E15B 15 KB
6 KB 520ms
172ms Document
text/html 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.eldersweather.com.au&gdpr=0&gdpr_consent=

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.eldersweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 01:51:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 376977
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 89 KB
29 KB 521ms
175ms XHR
text/javascript 182.161.73.129
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

nginx /

Resource Hash

20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:46 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 24 Feb 2023 07:57:32 GMT
server: nginx
etag: W/"63f86dec-16386"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 03 Mar 2023 01:51:46 GMT

GET
H2 200 container.html Show response
1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5B84 6 KB
3 KB 169ms
169ms Document
text/html 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eldersweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 01:51:45 GMT
expires: Fri, 01 Mar 2024 01:51:45 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302171719000/ Frame 8DB6 222 KB
61 KB 512ms
168ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a64ac18511a1f15afc6f51edc89e41ee1c7f6444134aad2926b21743ced6c461

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 27 Feb 2023 18:08:28 GMT
age: 200598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61847
x-xss-protection: 0
server: sffe
etag: "b91941a2860567a7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Feb 2024 18:08:28 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 8DB6 15 KB
5 KB 799ms
456ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0439c2127eb1812543cc77f0f41bd98da71691c6c2d5bbf9c565670f7fada88a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 27 Feb 2023 18:08:28 GMT
age: 200598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5237
x-xss-protection: 0
server: sffe
etag: "304dd5725e1eccd8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Feb 2024 18:08:28 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 8DB6 94 KB
28 KB 816ms
473ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1700a43bc40da2d69d238085ddfeea6fac6dc64ff76f5cef529d6fd6b619a62

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 27 Feb 2023 18:08:28 GMT
age: 200598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28901
x-xss-protection: 0
server: sffe
etag: "8f636c70fc937458"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Feb 2024 18:08:28 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 8DB6 5 KB
2 KB 918ms
575ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b2e8cd03a76b243eca9a0e60815deae7256cb7a2de760eb9ee82a0cf31ffcb9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 27 Feb 2023 18:08:28 GMT
age: 200598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1926
x-xss-protection: 0
server: sffe
etag: "df03f558eda3b320"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Feb 2024 18:08:28 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302171719000/v0/ Frame 8DB6 40 KB
13 KB 892ms
549ms Script
text/javascript 142.251.10.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302171719000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.10.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a49e61b6d6681308d160ce1cf6ce1b85e651deff16c6ae1c2df999ef3f0c6ec8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 27 Feb 2023 18:08:28 GMT
age: 200598
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12954
x-xss-protection: 0
server: sffe
etag: "e0426f4a93046162"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 27 Feb 2024 18:08:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 8DB6 4 KB
1 KB 519ms
174ms Stylesheet
text/css 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 01:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 01:26:34 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 01:51:46 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8DB6 3 KB
3 KB 481ms
412ms Image
image/png 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/en.png

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a64faec356c3a72f249a98a037317adc730ec6d38e47653cd53be5485d80a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 10:00:17 GMT
x-content-type-options: nosniff
server: cafe
age: 57089
etag: 15880770647744369592
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2982
x-xss-protection: 0
expires: Thu, 02 Mar 2023 10:00:17 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 8DB6 344 B
448 B 489ms
420ms Image
image/png 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:18:41 GMT
x-content-type-options: nosniff
server: cafe
age: 1985
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Fri, 03 Mar 2023 01:18:41 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8DB6 0
0 182ms
182ms Image
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C2f9aMQEAZNPlJ76QmsMPwMmJ-AHq5OScb9zgq7SNEaLcv6DUARABIMiWrUVgpcCjgKQBoAG464aSA8gBCakCsgzDnMGupj7gAgCoAwHIAwqqBPUBT9C7Txfv_WJL67vguG77-_crcxFkYSkANarUg69cCMNffCO6S4Or1_3StGYYsnYxPTfXLV0hcwbEcIB7_D8k24NXPGTzA41_RMa6pGoPlzSQx8fonJRS6x6jxFo7kL8CRfJGj16GBbz1Xxdqzm6fUVVCx04k9hxLA4Ls135__sero-530V1er9hSzvcsa5JJydCwoBTlEgR8RW1ECZvfumimi8VCv21EPki2dr7S4Sx9SFdfH6jhVZYj_4r_L0JSL5aKPLTIYwmtorvowyOvWh_sa1H1K5deRrVoPF5ElDVgYnnPPXuLWaS9_1sucCHawimFkXvABOfIgrGsBOAEAaAGLoAHsJT5bagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELipMtIIDwiAYRABGB0yAooCOgKAQIAKA8gLAbgT5APYEwOIFAHQFQGYFgGAFwGyFx4KHAgAEhRwdWItODcwNDQ4MDQxMjQzMzg4OBiAzwY&sigh=vr80LTMpVxk&uach_m=[UACH]&cid=CAQSSgDUE5ymZuyFEeCPHPhVuUF3B09Ahn1hqANlLKXYjO_wBBroWGmaizkmNRdvI0IW8P8_YGq4FwYXSW4KZ9zVIdbtwyFs0MJ6aKm2GAE&template_id=484
Requested by: Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/6293826237118933732/ Frame 8DB6 36 KB
36 KB 256ms
193ms Image
image/jpeg 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6293826237118933732/6592766407814317453

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

71e403c010e30ce3fc1d767b0d53beebbc07eca14601d15917a97b92ae7d8412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 21:23:43 GMT
x-content-type-options: nosniff
age: 16083
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36803
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 01:24:14 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 21:23:43 GMT

GET
H2 200 11530941303690275019
tpc.googlesyndication.com/simgad/ Frame 8DB6 2 KB
2 KB 466ms
403ms Image
image/png 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11530941303690275019?w=100&h=100

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36d11baca0cc9924112c58c787359fc5483a3f1c46296520ceafba2e2afbd66c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 14:03:40 GMT
x-content-type-options: nosniff
age: 42486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1616
x-xss-protection: 0
last-modified: Mon, 15 Nov 2021 02:54:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 29 Feb 2024 14:03:40 GMT

GET
DATA 200
OK truncated
/ Frame 8DB6 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cfff0369f88088139c9f75535b260abaa7dbae11112eb2d35d5d38e941040af

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7FB3 645 B
839 B 512ms
172ms Document
text/html 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CInbosoCEOLFrN4CGKbHlNsBMAE&v=APEucNXnhSlj0JA2Sp2uQlLhiUnpBCE40OvhzcCDrcxUI8XrFu2D6Vm9rf_T9Kq8DMqRg-OZYDF9qq5bRBzDBlqw0v1hIjZWNCoo7q0v6GXxAeezQEEK8_Q

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 01:51:46 GMT
expires: Thu, 02 Mar 2023 01:51:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame DC9C 78 KB
27 KB 177ms
176ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 01:51:46 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC9C 42 B
63 B 174ms
173ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ANZfMHAGEr_v4ZF2JQggvsmB2GHMaCSfek895VP9DURmbgIeqzMhuU03p6aa5BhdeUPrXuWpu6cD7nO1IOzTc-ztNiY0_MwHlUfAVo3zhXgufqiIU

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC9C 0
20 B 175ms
173ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=10213204134933896719&x=1&ct=76

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame DC9C 3 KB
1 KB 201ms
192ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:42:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame DC9C 20 KB
9 KB 180ms
171ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:33:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC9C 158 KB
49 KB 517ms
173ms Script
text/javascript 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 01:51:46 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C88E 645 B
518 B 497ms
173ms Document
text/html 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CInbosoCEOLFrN4CGKbHlNsBMAE&v=APEucNUtfF_qn93bD6AhFws9Fz4eIychtk7yfKEEiLv-OKutjOFU99z2DW7UoQqjVg8PfeJRqPFaserHhTjz_Dmm17niw60wE6i0_bwt8coD8PbPAkthDCk

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a08acd55bb001aa85ced7f4f93a4a1446ca18a17689e872b59a9da81ebe0cd45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 234
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 01:51:46 GMT
expires: Thu, 02 Mar 2023 01:51:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9BFC 78 KB
27 KB 220ms
219ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 02 Mar 2023 01:51:46 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BFC 42 B
63 B 213ms
212ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DmsHRIo67fuI7vc_j98FWPU_I0DnqWf6SXJnnd3enikpfgqOn6x06yw-zoT1sod6fv28y8l_wwzxk-cIw3QmW-_8tKTox2PQkrV6Dvfr_zs1g98ZE

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BFC 0
20 B 214ms
213ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=11986679766924351222&x=1&ct=76

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 9BFC 3 KB
1 KB 479ms
478ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/window_focus_fy2021.js

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:42:32 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 9BFC 20 KB
8 KB 433ms
432ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:33:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9BFC 158 KB
48 KB 757ms
425ms Script
text/javascript 172.253.118.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.118.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sl-in-f155.1e100.net

Software

sffe /

Resource Hash

04e8409a13fe19247cf7c55cda100bb4097f3fe49e326a04302a30ba4ccb0333

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677673803517815"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 01:51:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 5B84 22 KB
9 KB 427ms
426ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite_fy2021.js

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f53b2103abffed07c86a43ad48a3a064677134cc7b52c0bdf9ff4f3b20d14656

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9122
x-xss-protection: 0
server: cafe
etag: 6330344511044705610
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:33:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 5B84 8 KB
789 B 383ms
175ms Stylesheet
text/css 142.250.4.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f95.1e100.net

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 02 Mar 2023 01:51:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 02 Mar 2023 01:22:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 02 Mar 2023 01:51:46 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame 5B84 14 KB
3 KB 508ms
168ms Stylesheet
text/css 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.css

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:39:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 13:51:13 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/ Frame 5B84 376 KB
128 KB 509ms
169ms Script
text/javascript 74.125.24.95
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.95 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f95.1e100.net

Software

sffe /

Resource Hash

d07304cca832f4d70ceafd73f39bf68de4cb3b8185f24614641e6f860118389b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Mon, 27 Feb 2023 13:51:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 216033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131380
x-xss-protection: 0
last-modified: Mon, 27 Feb 2023 11:39:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Feb 2024 13:51:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/ Frame 5B84 20 KB
8 KB 452ms
451ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230227/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6c19d8875246d4def23e273e3c6d2887aeba815c80128b91c8b86dc35e38e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:33:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5959907985313552934
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:33:39 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC9C 0
20 B 174ms
173ms Ping
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1666464623530&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC9C 0
20 B 173ms
173ms Ping
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1666464623530&version=m202301230201&ct=76&x=1&cor=10213204134933897000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame DC9C 84 KB
36 KB 298ms
203ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DPssuHorFTANY98jomrryQcusD-1cnvXI-0txjNEv5kDSrpyShJvCrzqz3avLGottGKJBlcnIWDBQTClJ9uAMmuIuBIAgUXUgj7esagxFGkTum508&cry=1&dbm_d=AKAmf-DMBZG9r83Dwf2yt9ResBDu4fU8rR4tdMMVCqrcGYE_esqQmnJ1JkJN7NOLp4bNN21pwr2t77xQL2CAZPuKRNs46Lrt5blAv24zERBPkZYALfrinifV8tXDeHCbISv5ZdqsYOeGMBQG1vT3SQGGkmNCfAhJi5TlciB-mMv_TLnHFSjOZvWHyIHQVAQTk9-0yoM5blvOa0hZzW2MVcUlNKbq6p92YBZCO4NKQm6bAUor-0Bi6ml3TEGQp28EsEuizwdTyd6XCfcfZTC83Eg7l_Ja7l1kylHqOk3D6lNXNcfvKWyS2jMyATxmXjv7XCxlXg1hewADcHTOltKlKJ3CoSG_D_FvdgwQlL15UmQTrLft2FTKWf7yfvhwkYtS6TfZvNOcTc6FOZruJJ2X2xG1OwQ7ruNQ5RyyNw_NdP6AOPDhmQlJNQgk6FyrrdW97vKVxaopvwPxNF_qQLFpNDech4Sy7bYTi1gLvHrAjsxyDmkw-4QrdAyfXzkfGoVXVwvGKbZqoCkypn3xiWNxeA5S9o1WnnZvG-KJatzcVXc4YyebzN_h1LwnNYDZn0VXQkgVttXzeajXcsnzE-egGw0xrYRfy_0YwfP6gXlyPY0O5a8KuPP0B-9MbJXmZNOXqH1Im5wxUoQlaiDY2Y3xR7_2YPoEcSdFCLlfsErBI3NHvn2PhprH-woI6IpjwMIC2bO2PLUlFeRHWI74VfFBnzGsbcr2knM5cRjhE1byT9gWyg3S5uxt4CBUMT7JNW4TRtXIHaY3utPp-RU3TbSNCqCQRXxHKl-TEqWzB2GUvPeMfchWwMfT0gQhZQ7PNB-GP14zOjL8HeOn1ZjrX30HdQr3cT0snO1QqEk7pu7waljb9VBw4gvKORRBellarqiirNOukWVS_OlcFHdNa5HAnohsPe1Tr9pe0jaWtpSaiOe9WCS2Uf10MBImOysZSAxddGxnY2ruc8j3yhL6ahhbg5ToOU8oK6KNO1oBPdCiaTi5cpJ6G1qQ3c68eiCZXD8WiRjN7EYM0WpTrHJA9H-GJ7AKntDSXF5u20QDFHOc-TbDNKlCX1qWr7xhS4HbqF_BQ7oxNInjV95lGyFSVaG0n2rXSfu4xYpcN4ltuFqJusUMepT4F7WOnuggMpvJNXBO59D4YiNE20G5lWfU4MNmTefXOvsL0O_fFpssbifoIH1iD_WAn87zVHsqE2qDSkMetEmPSkZw_KhCgyIymK7mbehLGDZsAk0KDEIE-nnTn8VxGJWriF9XVVRALvy7oj1YSJOEaP9U49Zlh1xHNvyXr9LqTlxNULbSD-aRxCgBTZcwy0qs7lVF3PkG82hdjFkxdYAYWbbvQtOZ5ggPA8bi6_9xpPnhvtAElfYOgTYRrEGDSa4Ln59S1In_gUzPsvuq8BeurGxvCjrvRahJnjgfyKIJiaZ9_p7pljGQsTerb0xe-Z92u33uLfJVoaseAC0aWc_3V64lp2ttP6g-6Ihi6TX4dDVIfZ2TK3jetGO7kaX6N45Gksmst8NXlD3_8eXOTFI6FlEw19rd1ZDyVl1xNzpqksPL9HKrArEMMDJy8q4Vo2gPnVRuISRUixzhwZo97HQIfkfDyOp8QcQRh92hdc-biSyvWlQlK1-XjVOBtE3oz-Xw3TNffo8d78OKsbCUTJXdJ4jcMDqJ4hfiOkTfzAsY08yko-8JW1ScSSBFF7vr9Q45ysJzFvTDnMTv6JZLY1kk0Z93uz0ZnhdcNMTCecSe7Ikyvp4yr3egV77xSg6A7nJTUhLtwZXzlomcElOvbd7yyRrGX9H6mfPuhB6w2Y5RYr800bpgePsp3QdyuNY-4l7DR25zRwKRTtieKhKQ__HbOjwdRtNG61KCc7SSnUmUofTdfKJ-SSGBt5eg_s6adQbGpm2kShP--K6hg5YbpyNwyv_RIq5Zu_lB009uDuQtkqJc_nNem91-lvF8RyPsXIPtCeh17ex-G-Ocd2757BGAOf9pWgsg77wC-E4t9gu0QOe5t6NrbXSKLaC0u6foebFqwz422RStX1a9N0LGpFi4mJ4ALcW3mpVgOGKQoNc1ZMfyorvRPmBu6x1v7LD14cVsA3bW1v6Gcv-_nWjSWSLbgEGgE5e__jNGkQYD_0CAjQ9ueIAQzRqLdF1xr2fg3Jbfv482JPGBYYx3uNTUM8IbIJP3_WRM1RX5pqYsbjgeASc0RDVW91WWy-xy6aCG3oar9OkzJbQeZ9Ra967lyM9RYNYSrcJJ0Hmx0Sw1BJFvSGuHKfsCan-Ql3s8SvSRad1KgeVkA7BAd9PD8R2kOKiO0nL5t4QLT65knxwH_AsktUYZwkWDImrfsSfkFQZ78KzB7jfuO0c-M16K8TF1aYqx3uZ0JNG9-oSOyPhQ2zgWqVer81CzwrDoqkoEEqASHW_Xt4jo_09WK5FY8Fne_UAhqD6H1hL3Yf4dT8_yYn8YFCx5udymltOqUaT3h5zQ6FIizeiC04jbQ-XS0J2hOADnLNxSZVwkgC4hhem4NS3wZq0nUhTW2sX1Cxd2ilL5e696KRfyx3Xli5U6mzv9o46_4D7a8b7cQum6Iem0mgC8we_gQNuJZIaCmL-2Vrobw5D7dlbyg5uZglgkTztCPdBH5iM40zcyFkSfASiZ34fHrvX6tK1Kp_ouetfG7r4HQ3hk3JMJw7vEBEOnNO6WvzqLN_so6syztGjtaH3Sh44VR-DIAuxlPmmvY0o_effpoYNmbOLaTGm_69G-XXLH4ZCwVM3H500_erih21h2_X_oeSLeeIipdjsiLYr9AWu1lcT8cxisr52MrxzceNxkq0J7tSswj4YfvAwfFmztqXiIczjaypEncSH2HG1QcBOacm9atdGz7YStndidNLXgUbDn_x9FdzRLSpWVir7hIs-I6fc73YfT_sW81TwFRRa4wq2sbLPGOYvCxfjWbEc-Q8LwpUyCVR-v0Puu5Mm_nC1_XFacdoRB-dY7OmI51UHIwZUg6LZoekMC2_rWNx3Ei_w1jmgSlQFuVFM1nPrY90mTDtyurj2Y_c6jcbEnlBgvBf6hYMm3J9CnKCgpmPPY-GEdEUsXxZ5F-HTWqMCZoXBBMU5UMynMymnMr1ycvqUKEmZIr5tRh1cubs031g_jH4fUzOehtSqozJMguUg9vSRaPi7Flvzf8bK5FRw_boT7Slb373nauWpk8820f11O4PtpBE6CglHQ6FQuUvbqpA0pMykYlXvRurdIUCA-uS63ZxeSNaWKr39JXWIq6TVkaEkZqkhioVO34SaQ-xs00jU1bYTXcW_MAo45CY5LRDx-SMV-k2sdcPPDm1-BMQDZrEqWzJKEw8ZzAlCKzZ9lbeFBvxCxTk9F0TBXnqiqMhDjCsDIuELy9X5EcJbPkzi6wF_HvEieanGFe-XCrrlhvUa0zj492JsJgPMLq3h-MQAl9rMXTo8ifxGLGpt9mkl5Q5hnfbYJEecF&cid=CAQSSgDUE5ymZuyFEeCPHPhVuUF3B09Ahn1hqANlLKXYjO_wBBroWGmaizkmNRdvI0IW8P8_YGq4FwYXSW4KZ9zVIdbtwyFs0MJ6aKm2GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.eldersweather.com.au%2F&ds=l&xdt=1&iif=1&cor=10213204134933897000&adk=3087818416&idt=227&cac=0&dtd=12

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ba9e266709b44535332058451b2c1a5849e38b3ec64e1320e872d9c20e76f34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36227
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pr Show response
s.amazon-adsystem.com/v3/ Frame CF71 1 KB
2 KB 291ms
290ms Document
text/html 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/v3/pr?exlist=ox-db5_n-inmobi_rbd_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=rbd_ox-db5_n-inmobi_an-db5_3lift&dcc=t

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

b9c372cb226ba1838606f51ada3f9ad3b8745e80f8f1c7dc331986d66ab82c46

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&csif=t&gdpr=0&dl=rbd_ox-db5_n-inmobi_an-db5_3lift&dcc=t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 1497
Content-Type: text/html;charset=ISO-8859-1
Date: Thu, 02 Mar 2023 01:51:46 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: Z4GCWYSV3KM1EBAZEPVX

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BFC 0
20 B 172ms
172ms Ping
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9555863264321&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BFC 0
20 B 173ms
173ms Ping
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9555863264321&version=m202301230201&ct=76&x=1&cor=11986679766924351000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 9BFC 84 KB
36 KB 444ms
405ms Script
text/javascript 172.217.194.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMY0YQd0brp17nZn1dQOdx0rSVpc7o72IXjHlppXTQoV14lzaFqBg_BRU8BSydWHCfHHkKhXFxUciE62LaqhbHuvbz4IBG1v1yzzcieZqnWuoYZZc&cry=1&dbm_d=AKAmf-CxxT-FkW3-5vko3nTnvQC_UdwMIqWnuNaLg39D3ge-tiAQ3CeZUww9aNuSbn2jhPq_OsdQrLHMc8SRA0PSU8M6sbw-bJ4StgZzP_Gff6RTB5SfA1yAsFNLQNbwxX6ZK8afT0T8mm8TDHN7QxE5OfAm3InME0NUFPWPtQ8hQC99InUa-9wEfASDEPHCRnyZO6shYahXJAeo0Hltka4s10oF4HLQN_EkxPvMDuDiUMhlDAjeiHlpCBhaxE91P5pCQyy3XmDZyAiBu88LGOzSYAoYczhq_Sb83aZmuGa1DggD6AJuiTgwUHWvB4tMIYoAoFHfVWqsE8OwZGLwWXmsqOnnabz97Q-yjqzrLkc_EuWehbsRMNvEGmBzAwzSi_ucJdzvnEGE_XaDyB3u-qlGhk4xGFP-efnaZUEf12exMpQM803b8ytlk4cauMBOdwe6gBbxLCZrM1P6Ti6Htpqq57zAz4A_w4d7jloLw3qvrLp45EwJCIsPcC-V11682hHQ8NI96dH2B-mdWJdEUNT1QiPwaruxdwmMNQFf5qFo7ojBCAMCw9ju40_-rkqhi8qcL0i8tlNaW64en-IUUFYwyJMv3lwbXBCmtf6-pIqcB5mbJuBwwLLHTKEFd9iIlJC1etUYf5Ym1unwhaETaVNtptDx_FQvCF9vldhfHVEq4rHR-u1_s1STRzIx-x-pklAb8Jr9XA--Hya7Swx5jFisQMuPxY568Ss5bJgmEYETct-4K-dVU9-FEx-9sLml8mlrQ7bU8JsJkD2FY60KLICfCMJWaLRRJkor8InH5By2U7qU1mfXDX9Dw4xABvi4aiZQJH2Mgfl3AC70hPW6mQ8o8QW2TsGRxXpwN2KiiMgsJBXCUdSOestMoqW1Cz0FrAYzi4Mv3GfjJVYC2AJgp_srShskDX9ASOP6L79cs5THCh1fJJKlnZAZxm9tUT4rjt4m7NSRUcDtH75WeYZUqfw17vpJApFy7ycrueBPC-_lmlelsTSbuXhlYXMMFlS_n8hh4q1kAJQ_SHCKz6tcBe8XkcK-g6VrFN6gVc_ZZtVuYPX7dtJjqq-01oq8dR5YuX2Bk-Vg7r5OlGMsxEBsd06E_rFjFWkHUS2sPKjLAoV5THJg3PYyiQo1Rwa7OrFyLdl7EBedu8gR9vJk71dVbGj9F_QVNmtJzsoM3cwfZSFnytSDrqVvGQmEqs-eMFvtk5WxM7j4AqmYZOh2fPBfHRu29gZeDVCjM1-yMchd8A6Fvrn7uDP7K7gjWR40ncr-d-MZUl20LkgpPyfU03Uk8Cn4qPUsS977tA0JqRBg_341UZB6oG5pYVx3xX_Dr6hVGxjblDlGEHIsHlzn1WZA175MNLnszBt6essIv7Lop3Xv8m596Bv_3TSR1AEMz9NyXsRKwVaQE3wFjZrwCiy3ehyX7NUHZIHKeXSmaK8f_V3Hbxr-VlO4RBtOBn5YI5NwGxFEPKzVJP1jqFpzuhv9N-N73gpVXMBMsmz03__FvJk-A_RKE_NIpGqt57zf7l6PRgadSMbvMrL-STROnDMheJf1Db2YLSgRsieupc6BTHYUVn2JgoYi0X8b0G3xrb7UdfOu4qiOWR-2Kha6UlcqLUptjw-BBoz4n4BcZO_4l3bxaUkHJLpNzqnw1xPLE4CUyVJsc8aCv9m4A4a7VjFMnhXJm21ZbbTXAOqTLg1U7hAsAM-eFarCf-OVPpkjLzTcIqLreP9azigzv5lkIduwKrpNzVKB-HJpoJErBS3tbOTWSQAY7h-XHpAZ5D0aI6Zq0uKeI4nWE3YovF3E4PSXUVAY50cU4dyddw9j0iJItXwykVuVz3tqQoCRcobX0lrL_KP-0ydhYEvC-y_8P-nZmhRHfSgaDJXOb8tkp5Uv9_Tx-gOl7ujzF8GF7E5rmzBSsWHuccHxv1f1WxAJM7BZNXJ5Qbl-CpnizLsYp_H7Kp9eMo_Gv4FWh5OyQjZxQF5F6FMY89sQm1vz5hOll5ne5YSFSPkefeoDb1jI4tP9C05ompBh8mv5AjM8_YBRFQ79Vj3uYcBw4mAooJKc0I1qMSswqoS0wEzzZeYM1-Tudx0F_Q09eRLDC_fE2D7uQBkv9SQUpSwg2vraXqaF4vuUcqKYp4MYh1PUgY7LMA9Wof1JdIgrYZoRCc9s_6ZTIiaKhsH2cGc2QLLsEiBcS0t8mLe3opO0LjGOJWaOeekcOTqB8vnjhhZtT4LVFyD8aJXUW-5hf4NJRdxiyGLK3m4QexlNp_4AsfcpaBackegqk-C1ijnSA8emLJ0ozdG8nDsTWt65qeKUl61eVEmgRpfwa6whyuql6rds4v6yj9vNiaR3I9rwVIt417z0m8dDSu54u4hmXh0EKkZNF1GRPqaEWJh-1YqJ3WdO5qBRxn3gJpSUXIAVXUGcUcEOLDLBi5XWdcCF1fniJgPtB_CMUv4mbEKQqJ-Imvm78SkQZuKTI-GdTknGWlOSbOcntFqQOm6fiv8LDQ-KbQVj-lmsWlP0WWckqLfr1-lIwx7KcJp4uf8ylGgQrd4DlkMarr56XsC81lcG3nMZ56FuARD840TNgX9KLdTRfq0l4XnWHgExxWbczs1rooPd-eiYvs8uIiDQi84A3vXliCjnBUK76xT0FSUk8HqFjPJp5Ro4T2SOwd8hUL4NJgmvGXfIha9Ew11R6x-P5J85I8uUuFrrKIVJLIhL2Jk_t8Rm5B9s9jbLRtWJt6MayGKvER7O357mbxlAB2tYQ2_TSY5FRnyN1YZ1rxk7vLNICSRCVF9qYBeFrbLOZGHdafC42hLL74HfSe6boSkZ-AvY4YjBR53XdyutH0oj_KUvS4oTfp4JPv9QVWSCchLkBB6bX0UkyKb8SAsmWYXN3uC_8J0o2eDytlSprJLY1DDeksRz0RatAKYKYSZUcVz3P1wcrI5tIFtkcKlTvZ79ReKOzFuVX0twu2Z6pol3v7GxAx8lTDgiFKerMU2Zf5VYULvKz6gfgSKYvzPdHfh6XpHlUxPPBOLfq6mKQmj47TZsfdN2O-iU8YLt9sbSb-zOPLgAq44CQU_2pjsH50J8Vg1q3ozBuAxjdXry9x-afWWGv8wk8TfD1N5LKPc-MPjVMvQS2UKZ0-M-UIOGkOIZqwWNcU1qfHTOe7V3qBKlb957mTPxSjMGI_mCbmcSTnswG1bCb5N1n2JuEeKdF7brGiQcyCkrLsbG23cFsUhRSZ9VIF6cUAj3xeIsdBetg8dyTHeiYSgpFHE8FAKJdgJQH67uifcpD8qQ34m4iGF3USpCccKLXO9iXtIvq2lxrZm8LB-_Nl4QfbW4VtYccPcIXI62pZqhTBD8O93p__p6n9-nwJwvUQA2p2MsKZMB_fcBUTwDlP3bFh6GGIM_akBdz2mfdHSLzCDVgIN6hjSeK0MtYcoOc15O-no2XEVYgAxVz25tuhglfzNbU4zVKpLBnanC5tU9CSLFgBWlEB0tkKhNafxSc0DH-8TUMFGsI5VgUSqsmeU&cid=CAQSSgDUE5ymZuyFEeCPHPhVuUF3B09Ahn1hqANlLKXYjO_wBBroWGmaizkmNRdvI0IW8P8_YGq4FwYXSW4KZ9zVIdbtwyFs0MJ6aKm2GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.eldersweather.com.au%2F&ds=l&xdt=1&iif=1&cor=11986679766924351000&adk=3013400680&idt=280&cac=0&dtd=4

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.194.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff08179084196a1b899d066970afeac49ee24462581730a2ceaafbab7a937d56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 36274
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
gum.criteo.com/sid/ Frame E15B 451 B
569 B 173ms
172ms Fetch
application/json 182.161.73.136
CRITEO-AS-AP Crit...

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=publishertag&domain=eldersweather.com.au&sn=ChromeSyncframe&so=0&topUrl=www.eldersweather.com.au&cw=1&lsw=1&topicsavail=0&fledgeavail=0

Requested by

Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.eldersweather.com.au&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),

Reverse DNS

Software

Kestrel /

Resource Hash

9a6474d0c6a758abce786414dd05d7b1458dad5dd9f8742c9e94dee252e659c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.eldersweather.com.au&gdpr=0&gdpr_consent=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:46 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1449618
expires: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8DB6 15 KB
16 KB 516ms
171ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eldersweather.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 07:21:56 GMT
x-content-type-options: nosniff
age: 412191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Feb 2024 07:21:56 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8DB6 15 KB
15 KB 557ms
214ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.eldersweather.com.au
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 10:18:53 GMT
x-content-type-options: nosniff
age: 315174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Feb 2024 10:18:53 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E4AB 13 KB
5 KB 175ms
171ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.eldersweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 75622
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Mar 2023 04:51:24 GMT
expires: Thu, 29 Feb 2024 04:51:24 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6765 783 B
971 B 173ms
170ms Document
text/html 74.125.24.99
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.24.99 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sf-in-f99.1e100.net

Software

GSE /

Resource Hash

36a0d2f09725362d2e8d0abc71b07d9f08fe1efd50d6ce0bdbefa0122dd42b6e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FCBsw3UhjKwU0Jjm0TmXPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.eldersweather.com.au/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-FCBsw3UhjKwU0Jjm0TmXPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 01:51:46 GMT
expires: Thu, 02 Mar 2023 01:51:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7FB3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1&gdpr=0&C=1

43 B
632 B

281ms
280ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInbosoCEOLFrN4CGKbHlNsBMAE&v=APEucNXnhSlj0JA2Sp2uQlLhiUnpBCE40OvhzcCDrcxUI8XrFu2D6Vm9rf_T9Kq8DMqRg-OZYDF9qq5bRBzDBlqw0v1hIjZWNCoo7q0v6GXxAeezQEEK8_Q
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 01:51:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 01:51:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1&gdpr=0&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7FB3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAABMyR61ywxL-uLZ55nfQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1

43 B
632 B

281ms
281ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInbosoCEOLFrN4CGKbHlNsBMAE&v=APEucNXnhSlj0JA2Sp2uQlLhiUnpBCE40OvhzcCDrcxUI8XrFu2D6Vm9rf_T9Kq8DMqRg-OZYDF9qq5bRBzDBlqw0v1hIjZWNCoo7q0v6GXxAeezQEEK8_Q
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 01:51:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 7FB3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE63ZtTowrj6VWGtw9Af0Qk&google_cver=1

43 B
1 KB

228ms
227ms

Image
image/gif

104.254.151.60
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE63ZtTowrj6VWGtw9Af0Qk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInbosoCEOLFrN4CGKbHlNsBMAE&v=APEucNXnhSlj0JA2Sp2uQlLhiUnpBCE40OvhzcCDrcxUI8XrFu2D6Vm9rf_T9Kq8DMqRg-OZYDF9qq5bRBzDBlqw0v1hIjZWNCoo7q0v6GXxAeezQEEK8_Q

Protocol

HTTP/1.1

Server

104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 01:51:47 GMT
AN-X-Request-Uuid: f5ad58db-8398-42bf-8d80-ef53b08876f0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 103.209.254.40; 103.209.254.40; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE63ZtTowrj6VWGtw9Af0Qk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7FB3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxNTAxNTAzNTQ1MjAwNzIzMw%3D%3D

170 B
243 B

249ms
176ms

Image
image/png

142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxNTAxNTAzNTQ1MjAwNzIzMw%3D%3D

Requested by

Protocol

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 01:51:47 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 103.209.254.40; 103.209.254.40; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ed79404e-c4f0-49e4-8aa5-a69f24eb72ae
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxNTAxNTAzNTQ1MjAwNzIzMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C88E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1&gdpr=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1&gdpr=0&C=1

43 B
766 B

282ms
281ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1&gdpr=0&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInbosoCEOLFrN4CGKbHlNsBMAE&v=APEucNUtfF_qn93bD6AhFws9Fz4eIychtk7yfKEEiLv-OKutjOFU99z2DW7UoQqjVg8PfeJRqPFaserHhTjz_Dmm17niw60wE6i0_bwt8coD8PbPAkthDCk
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 01:51:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 01:51:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1&gdpr=0&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C88E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZAABM-0K4EHI6xyQyIMPdQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1

43 B
766 B

281ms
280ms

Image
image/gif

139.5.84.243
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInbosoCEOLFrN4CGKbHlNsBMAE&v=APEucNUtfF_qn93bD6AhFws9Fz4eIychtk7yfKEEiLv-OKutjOFU99z2DW7UoQqjVg8PfeJRqPFaserHhTjz_Dmm17niw60wE6i0_bwt8coD8PbPAkthDCk
Protocol: HTTP/1.1
Server: 139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 01:51:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:48 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOIOAk3bTpC_TyJKNw8vrrI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C88E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE63ZtTowrj6VWGtw9Af0Qk&google_cver=1

43 B
1 KB

229ms
228ms

Image
image/gif

104.254.151.60
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE63ZtTowrj6VWGtw9Af0Qk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CInbosoCEOLFrN4CGKbHlNsBMAE&v=APEucNUtfF_qn93bD6AhFws9Fz4eIychtk7yfKEEiLv-OKutjOFU99z2DW7UoQqjVg8PfeJRqPFaserHhTjz_Dmm17niw60wE6i0_bwt8coD8PbPAkthDCk

Protocol

HTTP/1.1

Server

104.254.151.60 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 01:51:47 GMT
AN-X-Request-Uuid: d523f2ba-aece-4e65-8712-9ac9c8345e16
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 103.209.254.40; 103.209.254.40; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&gdpr=0&code=CAESEE63ZtTowrj6VWGtw9Af0Qk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C88E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxNTAxNTAzNTQ1MjAwNzIzMw%3D%3D

170 B
232 B

171ms
171ms

Image
image/png

142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxNTAxNTAzNTQ1MjAwNzIzMw%3D%3D

Requested by

Protocol

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Thu, 02 Mar 2023 01:51:47 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 103.209.254.40; 103.209.254.40; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 18a18a22-9e32-466a-be5f-75ebba501823
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTMxNTAxNTAzNTQ1MjAwNzIzMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cm Show response
u.openx.net/w/1.0/ Frame EEEE 583 B
668 B 206ms
204ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ox-db5_n-inmobi_rbd_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: a4a732844a417b6897fd7540cf4afca00f14f6d03a67e0f67844bb5e527791a8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 357
content-type: text/html
date: Thu, 02 Mar 2023 01:51:47 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 9733
Redirect Chain

https://sync.inmobi.com/TAM?redirect=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D&gdpr=0
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=0&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dinmobi.com%26id%3D%7BID5UID%7D
https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-0be9AVRT3E-tufVL2OJLfcSIOwwa_-3tHH0Qynp-Mg

43 B
479 B

295ms
295ms

Document
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-0be9AVRT3E-tufVL2OJLfcSIOwwa_-3tHH0Qynp-Mg

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ox-db5_n-inmobi_rbd_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 02 Mar 2023 01:51:49 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: Y6RTYDKK9CWVD1FM37RS

Redirect headers

date: Thu, 02 Mar 2023 01:51:48 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=inmobi.com&id=ID5-0be9AVRT3E-tufVL2OJLfcSIOwwa_-3tHH0Qynp-Mg
p3p: CP="CAO PSA OUR"
strict-transport-security: max-age=63072000; includeSubDomains; preload
transfer-encoding: chunked
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame E26C 281 B
554 B 525ms
169ms Document
text/html 23.39.5.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Requested by: Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ox-db5_n-inmobi_rbd_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-5-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 02 Mar 2023 01:51:47 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 138E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fid=%24UID&ex=appnexus.com&gdpr=0
https://s.amazon-adsystem.com/ecm3?id=5315015035452007233&ex=appnexus.com&gdpr=0

43 B
479 B

293ms
292ms

Document
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?id=5315015035452007233&ex=appnexus.com&gdpr=0

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ox-db5_n-inmobi_rbd_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 02 Mar 2023 01:51:47 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: CMW1A6D4DR9KZHFASE6D

Redirect headers

AN-X-Request-Uuid: 582b104b-1b74-451e-ade1-92bb429f8859
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 02 Mar 2023 01:51:47 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://s.amazon-adsystem.com/ecm3?id=5315015035452007233&ex=appnexus.com&gdpr=0
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 103.209.254.40; 103.209.254.40; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H/1.1

200
OK

ecm3 Show response
s.amazon-adsystem.com/ Frame 0BC4
Redirect Chain

https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID&gdpr=0
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3D3lift.com%26id%3D%24UID
https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2478774910671083970147

43 B
479 B

296ms
296ms

Document
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2478774910671083970147

Requested by

Host: s.amazon-adsystem.com
URL: https://s.amazon-adsystem.com/v3/pr?exlist=ox-db5_n-inmobi_rbd_an-db5_3lift&fv=1.0&a=cm&cm3ppd=1&dmt=3&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Thu, 02 Mar 2023 01:51:47 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
x-amz-rid: YT7ZVKTFQEX0X81N7A4T

Redirect headers

cache-control: no-cache, no-store, must-revalidate
content-length: 0
date: Thu, 02 Mar 2023 01:51:47 GMT
location: https://s.amazon-adsystem.com/ecm3?ex=3lift.com&id=2478774910671083970147
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6765 0
0 173ms
172ms Image
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022701&jk=4071249316882924&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame E4AB 36 KB
14 KB 172ms
172ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:40:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 450706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 20:40:01 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame DC9C 170 KB
59 KB 509ms
169ms Script
text/javascript 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
Origin: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 16:23:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame DC9C 8 KB
3 KB 172ms
171ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DPssuHorFTANY98jomrryQcusD-1cnvXI-0txjNEv5kDSrpyShJvCrzqz3avLGottGKJBlcnIWDBQTClJ9uAMmuIuBIAgUXUgj7esagxFGkTum508&cry=1&dbm_d=AKAmf-DMBZG9r83Dwf2yt9ResBDu4fU8rR4tdMMVCqrcGYE_esqQmnJ1JkJN7NOLp4bNN21pwr2t77xQL2CAZPuKRNs46Lrt5blAv24zERBPkZYALfrinifV8tXDeHCbISv5ZdqsYOeGMBQG1vT3SQGGkmNCfAhJi5TlciB-mMv_TLnHFSjOZvWHyIHQVAQTk9-0yoM5blvOa0hZzW2MVcUlNKbq6p92YBZCO4NKQm6bAUor-0Bi6ml3TEGQp28EsEuizwdTyd6XCfcfZTC83Eg7l_Ja7l1kylHqOk3D6lNXNcfvKWyS2jMyATxmXjv7XCxlXg1hewADcHTOltKlKJ3CoSG_D_FvdgwQlL15UmQTrLft2FTKWf7yfvhwkYtS6TfZvNOcTc6FOZruJJ2X2xG1OwQ7ruNQ5RyyNw_NdP6AOPDhmQlJNQgk6FyrrdW97vKVxaopvwPxNF_qQLFpNDech4Sy7bYTi1gLvHrAjsxyDmkw-4QrdAyfXzkfGoVXVwvGKbZqoCkypn3xiWNxeA5S9o1WnnZvG-KJatzcVXc4YyebzN_h1LwnNYDZn0VXQkgVttXzeajXcsnzE-egGw0xrYRfy_0YwfP6gXlyPY0O5a8KuPP0B-9MbJXmZNOXqH1Im5wxUoQlaiDY2Y3xR7_2YPoEcSdFCLlfsErBI3NHvn2PhprH-woI6IpjwMIC2bO2PLUlFeRHWI74VfFBnzGsbcr2knM5cRjhE1byT9gWyg3S5uxt4CBUMT7JNW4TRtXIHaY3utPp-RU3TbSNCqCQRXxHKl-TEqWzB2GUvPeMfchWwMfT0gQhZQ7PNB-GP14zOjL8HeOn1ZjrX30HdQr3cT0snO1QqEk7pu7waljb9VBw4gvKORRBellarqiirNOukWVS_OlcFHdNa5HAnohsPe1Tr9pe0jaWtpSaiOe9WCS2Uf10MBImOysZSAxddGxnY2ruc8j3yhL6ahhbg5ToOU8oK6KNO1oBPdCiaTi5cpJ6G1qQ3c68eiCZXD8WiRjN7EYM0WpTrHJA9H-GJ7AKntDSXF5u20QDFHOc-TbDNKlCX1qWr7xhS4HbqF_BQ7oxNInjV95lGyFSVaG0n2rXSfu4xYpcN4ltuFqJusUMepT4F7WOnuggMpvJNXBO59D4YiNE20G5lWfU4MNmTefXOvsL0O_fFpssbifoIH1iD_WAn87zVHsqE2qDSkMetEmPSkZw_KhCgyIymK7mbehLGDZsAk0KDEIE-nnTn8VxGJWriF9XVVRALvy7oj1YSJOEaP9U49Zlh1xHNvyXr9LqTlxNULbSD-aRxCgBTZcwy0qs7lVF3PkG82hdjFkxdYAYWbbvQtOZ5ggPA8bi6_9xpPnhvtAElfYOgTYRrEGDSa4Ln59S1In_gUzPsvuq8BeurGxvCjrvRahJnjgfyKIJiaZ9_p7pljGQsTerb0xe-Z92u33uLfJVoaseAC0aWc_3V64lp2ttP6g-6Ihi6TX4dDVIfZ2TK3jetGO7kaX6N45Gksmst8NXlD3_8eXOTFI6FlEw19rd1ZDyVl1xNzpqksPL9HKrArEMMDJy8q4Vo2gPnVRuISRUixzhwZo97HQIfkfDyOp8QcQRh92hdc-biSyvWlQlK1-XjVOBtE3oz-Xw3TNffo8d78OKsbCUTJXdJ4jcMDqJ4hfiOkTfzAsY08yko-8JW1ScSSBFF7vr9Q45ysJzFvTDnMTv6JZLY1kk0Z93uz0ZnhdcNMTCecSe7Ikyvp4yr3egV77xSg6A7nJTUhLtwZXzlomcElOvbd7yyRrGX9H6mfPuhB6w2Y5RYr800bpgePsp3QdyuNY-4l7DR25zRwKRTtieKhKQ__HbOjwdRtNG61KCc7SSnUmUofTdfKJ-SSGBt5eg_s6adQbGpm2kShP--K6hg5YbpyNwyv_RIq5Zu_lB009uDuQtkqJc_nNem91-lvF8RyPsXIPtCeh17ex-G-Ocd2757BGAOf9pWgsg77wC-E4t9gu0QOe5t6NrbXSKLaC0u6foebFqwz422RStX1a9N0LGpFi4mJ4ALcW3mpVgOGKQoNc1ZMfyorvRPmBu6x1v7LD14cVsA3bW1v6Gcv-_nWjSWSLbgEGgE5e__jNGkQYD_0CAjQ9ueIAQzRqLdF1xr2fg3Jbfv482JPGBYYx3uNTUM8IbIJP3_WRM1RX5pqYsbjgeASc0RDVW91WWy-xy6aCG3oar9OkzJbQeZ9Ra967lyM9RYNYSrcJJ0Hmx0Sw1BJFvSGuHKfsCan-Ql3s8SvSRad1KgeVkA7BAd9PD8R2kOKiO0nL5t4QLT65knxwH_AsktUYZwkWDImrfsSfkFQZ78KzB7jfuO0c-M16K8TF1aYqx3uZ0JNG9-oSOyPhQ2zgWqVer81CzwrDoqkoEEqASHW_Xt4jo_09WK5FY8Fne_UAhqD6H1hL3Yf4dT8_yYn8YFCx5udymltOqUaT3h5zQ6FIizeiC04jbQ-XS0J2hOADnLNxSZVwkgC4hhem4NS3wZq0nUhTW2sX1Cxd2ilL5e696KRfyx3Xli5U6mzv9o46_4D7a8b7cQum6Iem0mgC8we_gQNuJZIaCmL-2Vrobw5D7dlbyg5uZglgkTztCPdBH5iM40zcyFkSfASiZ34fHrvX6tK1Kp_ouetfG7r4HQ3hk3JMJw7vEBEOnNO6WvzqLN_so6syztGjtaH3Sh44VR-DIAuxlPmmvY0o_effpoYNmbOLaTGm_69G-XXLH4ZCwVM3H500_erih21h2_X_oeSLeeIipdjsiLYr9AWu1lcT8cxisr52MrxzceNxkq0J7tSswj4YfvAwfFmztqXiIczjaypEncSH2HG1QcBOacm9atdGz7YStndidNLXgUbDn_x9FdzRLSpWVir7hIs-I6fc73YfT_sW81TwFRRa4wq2sbLPGOYvCxfjWbEc-Q8LwpUyCVR-v0Puu5Mm_nC1_XFacdoRB-dY7OmI51UHIwZUg6LZoekMC2_rWNx3Ei_w1jmgSlQFuVFM1nPrY90mTDtyurj2Y_c6jcbEnlBgvBf6hYMm3J9CnKCgpmPPY-GEdEUsXxZ5F-HTWqMCZoXBBMU5UMynMymnMr1ycvqUKEmZIr5tRh1cubs031g_jH4fUzOehtSqozJMguUg9vSRaPi7Flvzf8bK5FRw_boT7Slb373nauWpk8820f11O4PtpBE6CglHQ6FQuUvbqpA0pMykYlXvRurdIUCA-uS63ZxeSNaWKr39JXWIq6TVkaEkZqkhioVO34SaQ-xs00jU1bYTXcW_MAo45CY5LRDx-SMV-k2sdcPPDm1-BMQDZrEqWzJKEw8ZzAlCKzZ9lbeFBvxCxTk9F0TBXnqiqMhDjCsDIuELy9X5EcJbPkzi6wF_HvEieanGFe-XCrrlhvUa0zj492JsJgPMLq3h-MQAl9rMXTo8ifxGLGpt9mkl5Q5hnfbYJEecF&cid=CAQSSgDUE5ymZuyFEeCPHPhVuUF3B09Ahn1hqANlLKXYjO_wBBroWGmaizkmNRdvI0IW8P8_YGq4FwYXSW4KZ9zVIdbtwyFs0MJ6aKm2GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.eldersweather.com.au%2F&ds=l&xdt=1&iif=1&cor=10213204134933897000&adk=3087818416&idt=227&cac=0&dtd=12

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:58:31 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame DC9C 29 KB
11 KB 174ms
173ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:58:31 GMT

GET
H/1.1 200
OK ecm3
s.amazon-adsystem.com/ Frame EEEE 43 B
479 B 294ms
292ms Image
image/gif 52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=openx.com&id=cc9832e3-b21e-8e5d-ad7e-9f5074a07008

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 01:51:47 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XGD0Y0WQ10AVK42DT6YJ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame EEEE
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=944e4e9e-aeb4-35a7-6d70-1dc71c93bbe8&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=944e4e9e-aeb4-35a7-6d70-1dc71c93bbe8&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=15dadd92-0f83-4982-85b1-30139708c890&ttd_puid=944e4e9e-aeb4-35a7-6d70-1dc71c93bbe8&gdpr=0&gdpr_consent=

43 B
249 B

177ms
177ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=15dadd92-0f83-4982-85b1-30139708c890&ttd_puid=944e4e9e-aeb4-35a7-6d70-1dc71c93bbe8&gdpr=0&gdpr_consent=
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=15dadd92-0f83-4982-85b1-30139708c890&ttd_puid=944e4e9e-aeb4-35a7-6d70-1dc71c93bbe8&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 335

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame EEEE
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=openx
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZAABM8Co8XYAAIQeAX8AAAAA

43 B
106 B

177ms
177ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZAABM8Co8XYAAIQeAX8AAAAA
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 0
Date: Thu, 02 Mar 2023 01:51:47 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":0,"gdpr":false,"ipv4":"103.209.254.40","key":"ZAABM8Co8XYAAIQeAX8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad294"}
X-SO-Key: ZAABM8Co8XYAAIQeAX8AAAAA
Server: nginx
X-SO-Upstream-ID: m-ad294
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://jp-u.openx.net/w/1.0/sd?id=537072335&val=ZAABM8Co8XYAAIQeAX8AAAAA
Cache-Control: private
X-SO-HostName: m-ad294.dc4p.scaleout.jp
Connection: keep-alive
X-SO-Ads-Time: 2
Content-Length: 0
X-SO-LB-Hostname: m-tgng18.dc4p.scaleout.jp
X-SO-IP: 103.209.254.40

GET
H2

200

sd
jp-u.openx.net/w/1.0/ Frame EEEE
Redirect Chain

https://cr-p3.ladsp.com/cookiesender/3
https://cr-p3.ladsp.com/cookiesender/3?cr=true
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfCjwIRoff3aks8AD1u-7LAlLc8AAAGGoASy5w

43 B
106 B

182ms
181ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfCjwIRoff3aks8AD1u-7LAlLc8AAAGGoASy5w
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:48 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:47 GMT
via: 1.1 12092b1d863b1b4b20da0d09effe7b36.cloudfront.net (CloudFront)
server: Logicad
x-amz-cf-pop: SIN2-P2
x-cache: Miss from cloudfront
p3p: CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location: https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfCjwIRoff3aks8AD1u-7LAlLc8AAAGGoASy5w
cache-control: no-cache
content-length: 0
x-amz-cf-id: gQAhqtZpo8pz6ZWiFa0U5ESGVe9T_CYQjQ_a4Y44r9LYUFBp-3mfbw==
expires: -1

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame EEEE 170 B
232 B 224ms
178ms Image
image/png 142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YjgyMTlkNTQtNjdjMy02YjAzLTc4OTAtNDc3ZWQ2NzE3NTg4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame EEEE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJqJvU7FdG_h7MzKyPAiLgo&google_cver=1

43 B
122 B

181ms
178ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJqJvU7FdG_h7MzKyPAiLgo&google_cver=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/cm?id=e818ca1e-0c23-caa8-0dd3-096b0ada08b7&ph=2d1251ae-7f3a-47cf-bd2a-2f288854a0ba&plm=5&r=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dopenx.com%26id%3D%7BOPENX_ID%7D&gdpr=0
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:47 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJqJvU7FdG_h7MzKyPAiLgo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 9BFC 170 KB
59 KB 709ms
449ms Script
text/javascript 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
Origin: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 16:23:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34077
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 16:23:50 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/ Frame 9BFC 8 KB
3 KB 171ms
171ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DMY0YQd0brp17nZn1dQOdx0rSVpc7o72IXjHlppXTQoV14lzaFqBg_BRU8BSydWHCfHHkKhXFxUciE62LaqhbHuvbz4IBG1v1yzzcieZqnWuoYZZc&cry=1&dbm_d=AKAmf-CxxT-FkW3-5vko3nTnvQC_UdwMIqWnuNaLg39D3ge-tiAQ3CeZUww9aNuSbn2jhPq_OsdQrLHMc8SRA0PSU8M6sbw-bJ4StgZzP_Gff6RTB5SfA1yAsFNLQNbwxX6ZK8afT0T8mm8TDHN7QxE5OfAm3InME0NUFPWPtQ8hQC99InUa-9wEfASDEPHCRnyZO6shYahXJAeo0Hltka4s10oF4HLQN_EkxPvMDuDiUMhlDAjeiHlpCBhaxE91P5pCQyy3XmDZyAiBu88LGOzSYAoYczhq_Sb83aZmuGa1DggD6AJuiTgwUHWvB4tMIYoAoFHfVWqsE8OwZGLwWXmsqOnnabz97Q-yjqzrLkc_EuWehbsRMNvEGmBzAwzSi_ucJdzvnEGE_XaDyB3u-qlGhk4xGFP-efnaZUEf12exMpQM803b8ytlk4cauMBOdwe6gBbxLCZrM1P6Ti6Htpqq57zAz4A_w4d7jloLw3qvrLp45EwJCIsPcC-V11682hHQ8NI96dH2B-mdWJdEUNT1QiPwaruxdwmMNQFf5qFo7ojBCAMCw9ju40_-rkqhi8qcL0i8tlNaW64en-IUUFYwyJMv3lwbXBCmtf6-pIqcB5mbJuBwwLLHTKEFd9iIlJC1etUYf5Ym1unwhaETaVNtptDx_FQvCF9vldhfHVEq4rHR-u1_s1STRzIx-x-pklAb8Jr9XA--Hya7Swx5jFisQMuPxY568Ss5bJgmEYETct-4K-dVU9-FEx-9sLml8mlrQ7bU8JsJkD2FY60KLICfCMJWaLRRJkor8InH5By2U7qU1mfXDX9Dw4xABvi4aiZQJH2Mgfl3AC70hPW6mQ8o8QW2TsGRxXpwN2KiiMgsJBXCUdSOestMoqW1Cz0FrAYzi4Mv3GfjJVYC2AJgp_srShskDX9ASOP6L79cs5THCh1fJJKlnZAZxm9tUT4rjt4m7NSRUcDtH75WeYZUqfw17vpJApFy7ycrueBPC-_lmlelsTSbuXhlYXMMFlS_n8hh4q1kAJQ_SHCKz6tcBe8XkcK-g6VrFN6gVc_ZZtVuYPX7dtJjqq-01oq8dR5YuX2Bk-Vg7r5OlGMsxEBsd06E_rFjFWkHUS2sPKjLAoV5THJg3PYyiQo1Rwa7OrFyLdl7EBedu8gR9vJk71dVbGj9F_QVNmtJzsoM3cwfZSFnytSDrqVvGQmEqs-eMFvtk5WxM7j4AqmYZOh2fPBfHRu29gZeDVCjM1-yMchd8A6Fvrn7uDP7K7gjWR40ncr-d-MZUl20LkgpPyfU03Uk8Cn4qPUsS977tA0JqRBg_341UZB6oG5pYVx3xX_Dr6hVGxjblDlGEHIsHlzn1WZA175MNLnszBt6essIv7Lop3Xv8m596Bv_3TSR1AEMz9NyXsRKwVaQE3wFjZrwCiy3ehyX7NUHZIHKeXSmaK8f_V3Hbxr-VlO4RBtOBn5YI5NwGxFEPKzVJP1jqFpzuhv9N-N73gpVXMBMsmz03__FvJk-A_RKE_NIpGqt57zf7l6PRgadSMbvMrL-STROnDMheJf1Db2YLSgRsieupc6BTHYUVn2JgoYi0X8b0G3xrb7UdfOu4qiOWR-2Kha6UlcqLUptjw-BBoz4n4BcZO_4l3bxaUkHJLpNzqnw1xPLE4CUyVJsc8aCv9m4A4a7VjFMnhXJm21ZbbTXAOqTLg1U7hAsAM-eFarCf-OVPpkjLzTcIqLreP9azigzv5lkIduwKrpNzVKB-HJpoJErBS3tbOTWSQAY7h-XHpAZ5D0aI6Zq0uKeI4nWE3YovF3E4PSXUVAY50cU4dyddw9j0iJItXwykVuVz3tqQoCRcobX0lrL_KP-0ydhYEvC-y_8P-nZmhRHfSgaDJXOb8tkp5Uv9_Tx-gOl7ujzF8GF7E5rmzBSsWHuccHxv1f1WxAJM7BZNXJ5Qbl-CpnizLsYp_H7Kp9eMo_Gv4FWh5OyQjZxQF5F6FMY89sQm1vz5hOll5ne5YSFSPkefeoDb1jI4tP9C05ompBh8mv5AjM8_YBRFQ79Vj3uYcBw4mAooJKc0I1qMSswqoS0wEzzZeYM1-Tudx0F_Q09eRLDC_fE2D7uQBkv9SQUpSwg2vraXqaF4vuUcqKYp4MYh1PUgY7LMA9Wof1JdIgrYZoRCc9s_6ZTIiaKhsH2cGc2QLLsEiBcS0t8mLe3opO0LjGOJWaOeekcOTqB8vnjhhZtT4LVFyD8aJXUW-5hf4NJRdxiyGLK3m4QexlNp_4AsfcpaBackegqk-C1ijnSA8emLJ0ozdG8nDsTWt65qeKUl61eVEmgRpfwa6whyuql6rds4v6yj9vNiaR3I9rwVIt417z0m8dDSu54u4hmXh0EKkZNF1GRPqaEWJh-1YqJ3WdO5qBRxn3gJpSUXIAVXUGcUcEOLDLBi5XWdcCF1fniJgPtB_CMUv4mbEKQqJ-Imvm78SkQZuKTI-GdTknGWlOSbOcntFqQOm6fiv8LDQ-KbQVj-lmsWlP0WWckqLfr1-lIwx7KcJp4uf8ylGgQrd4DlkMarr56XsC81lcG3nMZ56FuARD840TNgX9KLdTRfq0l4XnWHgExxWbczs1rooPd-eiYvs8uIiDQi84A3vXliCjnBUK76xT0FSUk8HqFjPJp5Ro4T2SOwd8hUL4NJgmvGXfIha9Ew11R6x-P5J85I8uUuFrrKIVJLIhL2Jk_t8Rm5B9s9jbLRtWJt6MayGKvER7O357mbxlAB2tYQ2_TSY5FRnyN1YZ1rxk7vLNICSRCVF9qYBeFrbLOZGHdafC42hLL74HfSe6boSkZ-AvY4YjBR53XdyutH0oj_KUvS4oTfp4JPv9QVWSCchLkBB6bX0UkyKb8SAsmWYXN3uC_8J0o2eDytlSprJLY1DDeksRz0RatAKYKYSZUcVz3P1wcrI5tIFtkcKlTvZ79ReKOzFuVX0twu2Z6pol3v7GxAx8lTDgiFKerMU2Zf5VYULvKz6gfgSKYvzPdHfh6XpHlUxPPBOLfq6mKQmj47TZsfdN2O-iU8YLt9sbSb-zOPLgAq44CQU_2pjsH50J8Vg1q3ozBuAxjdXry9x-afWWGv8wk8TfD1N5LKPc-MPjVMvQS2UKZ0-M-UIOGkOIZqwWNcU1qfHTOe7V3qBKlb957mTPxSjMGI_mCbmcSTnswG1bCb5N1n2JuEeKdF7brGiQcyCkrLsbG23cFsUhRSZ9VIF6cUAj3xeIsdBetg8dyTHeiYSgpFHE8FAKJdgJQH67uifcpD8qQ34m4iGF3USpCccKLXO9iXtIvq2lxrZm8LB-_Nl4QfbW4VtYccPcIXI62pZqhTBD8O93p__p6n9-nwJwvUQA2p2MsKZMB_fcBUTwDlP3bFh6GGIM_akBdz2mfdHSLzCDVgIN6hjSeK0MtYcoOc15O-no2XEVYgAxVz25tuhglfzNbU4zVKpLBnanC5tU9CSLFgBWlEB0tkKhNafxSc0DH-8TUMFGsI5VgUSqsmeU&cid=CAQSSgDUE5ymZuyFEeCPHPhVuUF3B09Ahn1hqANlLKXYjO_wBBroWGmaizkmNRdvI0IW8P8_YGq4FwYXSW4KZ9zVIdbtwyFs0MJ6aKm2GAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.eldersweather.com.au%2F&ds=l&xdt=1&iif=1&cor=11986679766924351000&adk=3013400680&idt=280&cac=0&dtd=4

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

855e15fcdc7a729b06238328936629eac46e2251d9d3d71a5d65510451f4e7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3023
x-xss-protection: 0
server: cafe
etag: 4221495933888618527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:58:31 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/ Frame 9BFC 29 KB
11 KB 173ms
172ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230227/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

555cb911a280dae2e7ab778b5403e27a81533f7b53cfac255d67e175a96c6e86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 19:58:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11134
x-xss-protection: 0
server: cafe
etag: 11889138295710991679
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Mar 2023 19:58:31 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E4AB 0
10 B 171ms
170ms Image
text/plain 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8HsYMQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f132.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DC9C 41 KB
15 KB 171ms
170ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 22:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 22:32:00 GMT

GET
DATA 200
OK truncated
/ Frame DC9C 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b98cfbdd8248869e2a13c5ee8805dafc5e17d4d70e777903350496c43c1d673

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9BFC 41 KB
15 KB 171ms
171ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 22:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 29 Feb 2024 22:32:00 GMT

GET
DATA 200
OK truncated
/ Frame 9BFC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e9c956c33e73dd9964ee3efa7b391dd02781f932f668ae74d45fc7e42471fcc

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame 5B84 0
225 B 1121ms
378ms Ping
image/gif 142.251.134.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~leqgb0ui&c=6591211953457&slotId=3295605976728.5&qqid=CJLC35GRvP0CFT6IZgIdwGQCHw&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.134.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: eze10s09-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5B84 15 KB
16 KB 172ms
170ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 07:21:56 GMT
x-content-type-options: nosniff
age: 412191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 25 Feb 2024 07:21:56 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5B84 15 KB
15 KB 221ms
221ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sun, 26 Feb 2023 10:18:53 GMT
x-content-type-options: nosniff
age: 315174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 26 Feb 2024 10:18:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B84 0
20 B 173ms
173ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CqwMBMQEAZNLlJ76QmsMPwMmJ-AHSr_31brbV752NEe_Tor3AARABIMiWrUVgpcCjgKQBoAGmucyjAsgBBakCsMU1EOb7pD6oAwHIA5sEqgSGAk_Q86NbBlTaj-iEUMtnZwWak7ftebHfd1qW7v5-OE8aE_QGK8Pge0EPPzWnbm3jGvgd6iI2CUx_W0kYqN-oUdtb6Z5Ga3F_IVTkbSAL5d5qjwI0moaDu3Y9n2CLONAMlyl7aeIWoUa4FuYOmILx5IlxIgxaeE6hIUaFmjqp1CfAhiYdhJ9lS6-8gKSu-s28Tews10gFbwHOX0Sg46tlRrJHmyC7YpY_e2wst31j5uFHNyJvFikKHO02CAtuAhg6mnJTIp3cQRUi_LhBMIgNxy2jW-2xKeH9dcTy6fhIg_CGpekqDIOKvLi7XGYvhF4OZknzXOGYyHiskdvep562NA1T9APMun7ABITT2fGlBOAEA5AGAaAGToAHwsaz3AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBAgAoDmAsByAsBgAwBsBP6j6kSyBP86uzhA9ATANgTCogUBdgUAdAVAfgWAYAXAegXBQ&eventType=clickstring&clientTime=1677721907505&ai=CqwMBMQEAZNLlJ76QmsMPwMmJ-AHSr_31brbV752NEe_Tor3AARABIMiWrUVgpcCjgKQBoAGmucyjAsgBBakCsMU1EOb7pD6oAwHIA5sEqgSGAk_Q86NbBlTaj-iEUMtnZwWak7ftebHfd1qW7v5-OE8aE_QGK8Pge0EPPzWnbm3jGvgd6iI2CUx_W0kYqN-oUdtb6Z5Ga3F_IVTkbSAL5d5qjwI0moaDu3Y9n2CLONAMlyl7aeIWoUa4FuYOmILx5IlxIgxaeE6hIUaFmjqp1CfAhiYdhJ9lS6-8gKSu-s28Tews10gFbwHOX0Sg46tlRrJHmyC7YpY_e2wst31j5uFHNyJvFikKHO02CAtuAhg6mnJTIp3cQRUi_LhBMIgNxy2jW-2xKeH9dcTy6fhIg_CGpekqDIOKvLi7XGYvhF4OZknzXOGYyHiskdvep562NA1T9APMun7ABITT2fGlBOAEA5AGAaAGToAHwsaz3AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIBhEAEYHTICigI6AoBAgAoDmAsByAsBgAwBsBP6j6kSyBP86uzhA9ATANgTCogUBdgUAdAVAfgWAYAXAegXBQ

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5B84 0
54 B 1110ms
381ms Ping
image/gif 142.251.134.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~leqgb0vn&c=6591211953457&slotId=3295605976728.5&qqid=CJLC35GRvP0CFT6IZgIdwGQCHw&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.134.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: eze10s09-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 5B84 31 KB
16 KB 195ms
191ms XHR
text/xml 142.250.4.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Dfpzp02VNHy6YISgMsaDqm4zfozh69jxb2RVq_-M_Zb3IrDWWW4FhsyN09HDW1vpz7fj6aDxKJDxUsAWgi7gjXDcKoKw&cry=1&dbm_d=AKAmf-DSwQk7umZgjwkPgennpscxttaSRZkLKjFzka6saSHgbEsU-sJB6kbxNy-v8mY-SPtMqnFjyTSSZ0rxU5XANV9L6jXy_is-qsJg7_7hVTTBICPJHuVjgCfi9pQEdrIHXeeSP-UnEZk0kBMeTaBtTWYk4fWJfWcyGN9uT-zZZaCLDZ4kJqrJxqOXe6Okl_xirYvOg6PE4NCdhQ6y6_ZBK2VKem2N3nwwTC4Ufw9Ee5X_8AJDXZsRml1tXflmbUYAXdoi-v0Fr21DPM17Ur76rLaKjmdQgW3MatX-ABbittoscQDn4twQXDdMPmQqfahHXKRTIo_2ddS2pohwYZEs1zFXAYCg71QlSByELlA4XF5GG_74EOOdfgICOwvWFTz5aNzwigWHMv1VqqLP9pJQLQ_0Rp7qeF1p5bUMM5D-GEWBJHf05b-Nh6pozs6zc1RlAI1bl8_IsGVzHwAonmPQg9_nPlaNbnskh10g_X-HRQ3w3hBcB0tsl3-m7riin9P3DEeiTSKNWAYscBIxuGnDa_2ii22WFcY9P0MJ1tmBUm4Qv1iPhus0GDA5avM97lBYCbumPX_K8gqf9ov0dypyehzF1C1O254vE5g1rO6knudIzLp-LxTaGoZn9E2l6xBTx4dV7pGvCKBsuDlkzuvuFGJMDkQ-pe42wK8UXTysz9RuUUqckyPzuJBB5z5Ol4-J5Lrz50i7ZSvmYxo5BquJa5hiYZlt3sq3B20J2awrj9YxA2XUttyMRZdDYB-D_XDOLoEOpLv2DIvW12pUmj7aWlwvwmsoLXbTY6yMBfqHJ8niXPaTjIeY4ixGZ9fMIDVc2M9RidHb6TN6Bi2U-6Zcyet_NbT1k9Pjmp2aFnOCgtpWYFdtkPpFkgunYwuLU1sCHfNS0eVpXOk-yA29rs_fOoTMcNlM2EChuJzoPcCXDt45TYANRMQTRghtkH3_6_VzNFn4wrYWJTXVULciG5SrA7uyBmv_pdQMJiRDB6qSNbkXX6OUx9IfM8Ngd6tas69Hu9j5kmuhmTK7rUKZmGTkMvZ-XEuOnvIzw8c_XwdxIjQKkfgBGMiPRZff0U0ZFGZaKemniyeIOJINaGNa5RmTpXWgc6r7yoBaOd0CuSnqivlcLQ77OavgU45KOFkIZE-VbXgr160GV1EKf2ONJhyX97bGyh_IPe6ElFYZ8Fwwr4v5ft3ZZhJztR5ahHrqdFlq1BzUTwr2JqzYrREiWWS37Cks8AM4Afq2J4ejNY3jPPW02HIHnlRYmtqScKX-vPG8JZ2zKgAEVApfuykVyKv8vfh7CvqDpX71828HDyZM7Nmz4-Pk2OhOkgh4-vgCugPyFQ7QcPrfUiRURhFd4J6Y_nOM37aNd7camRvw4t2IeIwhlOe5jkjEkRxs2TpZEfTX69UDmrdpg2nlovZFfMXg3vps-67GPrN3ZjxqhioOdYvKh-e8bEMg3TTJz7tPyDFhvDRCEwjDcY1ggH92cD6cXomQz_8ZFJcDpJAEd-PitokcZ8xf3lY62wVIANe2cQQ3eDsOmpKt-Dg-C8EAKXsocd1dXXbBPA98wBMbR8Mj0zp6LBvpltmZbJkJhh3ySsIoZsVZa94OQ-wwv5SkyapBWw_6tNFwiYJM2cYiLOgLuW-q86_3CaFCIwnfZR4ihejdVgP2PpWwE_y5jihkV-r0aQSEo5a0H7hVpHM1vIXNWCL5OBnBLRp6ELOjUDbSiB17zDKsABPMk8-IP0Zfi7RcYHLsx0IxTVQkmQKWKe7yHgwF13rCyCMkJB-acZs1z3vijpYUFHh-5aFcmPDHuqY3UZrlXNIaaScatkw8S_QGN7o7AlEvVmz0WK2_hO0ZYa-D7-OF030ZPkUDkioPgdHmjxPwhMmjx4g1UF-LVNIpXVk8pSQoTBXcN-1e7o9xzLETtCmpnEGSfjAjbYEZASBZ028BNC1A6EsNh0A7217mrRb9y4liCigbvzG4o2sGeLjjlposMVJc_V9kTcyv4vqj24zSJd_4E_ZNTONKWlJu2zMYi_QPyXPqwNpEN_8xsilqwKboZLZo9MxesVcNh2pvgf7URAhA3t7FJ8nj5L9EuwBbFe2Mz998o9P-8hb_1AlnOQ2aFqQuOxjRWE_uXI0kN792mv771c2gFK5IwuzWfprQqP76zaHrMJrf689vL6SuQzQRtPGm5WBBa9fUWL7_4q6I-YMBTgut_k7jbKF48Pv3RXzf9aKytbR_aaXPXmJmoEBUiHzCkfDf8ND7AFFIFyTTOmsfjtmfMWu2OI4HUHjWrZ-AJlGAzgnA6RRm2A0Qr5B9SL6duayp047qesvtf_KR-xb6zV1wiuGfsXJ6v71WPPf_l5qnuCOiFDQhfG7TlTSHyLU5VIs2hTUMKlm3F3BfULv785NfdyrXX_zM-Pc7HxOvszLRdG0rGzvHvqdXjOFDpkWGwlR4Rp10ItKuyohPr2GdH5w6Y46IhrfE_SEu1uAdEIBFvJeLMlyysXsnvNxWOHTUGGBhC8yfNxVod2eOcDeGRHng1-mxkXthlCy6llnLiG0uSoF5I6YgLFj4e-CYEogIpvwnt1BRhRNvpGHPEFUho9mBXGfSXvsRjCQgAhEsLZBD9ILw8jDYNtPqurEwWcceLQrKycyjS7NwscsNwdgCcct2039y1AWIoXj8UweB3Wp2OG-leYGV3tdUvay-BLlVXd19gDkojB5bV-WtZ9g_bRPVqabW9Hi_YpWDTZ2LUhu1HhD6oeXTK3onrsV-lX18rU0RY2l2eqbvGnusa5_8pE6UzO1JA7FVs1hf--e9mhRrGyzEUM3BLSy91doAHqYEZ7jvPIR9y4eTLC_4FtUDr4h48q_HnmerzNs7YsAS8O0UvHWWfXBj70RDwdtxU4Fj_YPtPfgQ0uGipHIwCGrrzRjRB3Td4szNcn7ZFSvXBf30DXUHqIC3j1op7Iilt4FdKHjKmQtYzp86I2kBoioR6pXkhKqb2N7LwfEMOuXe9k4aoHYcHsLT_4RXsQ7UaOrr3AzlxYzneI5XDBL7CxU6yHCr0PTn1t_iP6YByDelAwcAzc9NXlaIS3dQZ3rqyyEA3ekkJJQu8e4lcAobL-lYdk5XLgtpddIfT2_lpwe_XW_pNFY6VJspwTtUyg75gtYf3wfTK4Md17PlRvi5HBm9MFJQETJeKb5Wpxqwo8oYIyg1wqa1TjoGfCpsZ6XpXAn4NcSvcVsyhYPI5RFk9v9eU36jTOFnCnhZqFjineFn1FbFJxYwKLQI78Qq3vR46Uh2RyVlurcq7TOxcoBRLggMtSVnWOVUr4Bn8fA86STdsmE&cid=CAQSSgDUE5ymZuyFEeCPHPhVuUF3B09Ahn1hqANlLKXYjO_wBBroWGmaizkmNRdvI0IW8P8_YGq4FwYXSW4KZ9zVIdbtwyFs0MJ6aKm2GAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.4.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

sm-in-f156.1e100.net

Software

cafe /

Resource Hash

e235dbfd0465afe936f74b8204fe7d6a645ad11e79ef1ada4814cdf0dd1999bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16506
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5B84 0
0 175ms
175ms Fetch
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CgUInMQEAZNLlJ76QmsMPwMmJ-AHSr_31brbV752NEe_Tor3AARABIMiWrUVgpcCjgKQBoAGmucyjAsgBBakCsMU1EOb7pD6oAwGqBIMCT9Dzo1sGVNqP6IRQy2dnBZqTt-15sd93Wpbu_n44TxoT9AYrw-B7QQ8_NadubeMa-B3qIjYJTH9bSRio36hR21vpnkZrcX8hVORtIAvl3mqPAjSahoO7dj2fYIs40AyXKXtp4hahRrgW5g6YgvHkiXEiDFp4TqEhRoWaOqnUJ8CGJh2En2VLr7yApK76zbxN7CzXSAVvAc5fRKDjq2VGskebILtilj97bCy3fWPm4Uc3Im8WKQoc7TYIC24CGDqaclMixd3b4LFu_tP0b9zO7nJUQHx3eTAmD0WJM9fG0IxN4wMUTmAT2HDJywWqRs7YnK3EDgbiVLRXCReuXZLkeVpHWcAEhNPZ8aUE4AQDiAWWpJyeSZIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHwsaz3AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChCPqAoYhon94AHSCA8IgGEQARgdMgKKAjoCgECACgPICwGwE_qPqRLIE_zq7OED0BMA2BMKiBQF2BQB0BUBgBcBshceChwIABIUcHViLTg3MDQ0ODA0MTI0MzM4ODgYgM8G6BcF&sigh=0Tbd8OcqvRM&uach_m=[UACH]&cid=CAQSSgDUE5ymZuyFEeCPHPhVuUF3B09Ahn1hqANlLKXYjO_wBBroWGmaizkmNRdvI0IW8P8_YGq4FwYXSW4KZ9zVIdbtwyFs0MJ6aKm2GAE&vt=10
Requested by: Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f155.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5B84 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08f7d92b34e26c73b08377c122749f9b550578ca5a5ef9c9d9e019d3173dc90c

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E26C 33 KB
10 KB 173ms
172ms Script
text/html 23.39.5.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.39.5.30 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-39-5-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: bc3f5d9318ce983d752898478ef12afa1c39e590a199aeb3d88fd0d63ceb5706

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Mar 2023 21:44:27 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=71535
Connection: keep-alive
Content-Length: 10006
Expires: Thu, 02 Mar 2023 21:44:02 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5EC0 22 KB
8 KB 172ms
171ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 109347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 19:29:20 GMT
expires: Wed, 28 Feb 2024 19:29:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8A7C 22 KB
8 KB 171ms
171ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 109347
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 28 Feb 2023 19:29:20 GMT
expires: Wed, 28 Feb 2024 19:29:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E26C
Redirect Chain

https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=0&gdpr=0&khaos=LEQGAZ1S-1I-K4D
https://s.amazon-adsystem.com/ecm3?id=LEQGAZ1S-1I-K4D&ex=d-rubiconproject.com&status=ok&gdpr=0

43 B
479 B

292ms
292ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?id=LEQGAZ1S-1I-K4D&ex=d-rubiconproject.com&status=ok&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 01:51:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: MYK661XWAAMY0P15QJ8N
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://s.amazon-adsystem.com/ecm3?id=LEQGAZ1S-1I-K4D&ex=d-rubiconproject.com&status=ok&gdpr=0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: ad49a0f18e050afeb6359164ab3bd56e
Expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 5B84 0
54 B 857ms
380ms Ping
image/gif 142.251.134.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~leqgb0w0&c=6591211953457&slotId=3295605976728.5&qqid=CJLC35GRvP0CFT6IZgIdwGQCHw&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.134.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: eze10s09-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 5B84 41 KB
15 KB 171ms
171ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:09:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2536
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Mar 2024 01:09:31 GMT

HEAD
H/1.1

200
OK

file.mp4
r4---sn-hxa76n7z.c.2mdn.net/videoplayback/id/bf634c88b8b1668e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797202657/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5B84
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/bf634c88b8b1668e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797202657/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r4---sn-hxa76n7z.c.2mdn.net/videoplayback/id/bf634c88b8b1668e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797202657/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

271ms
85ms

Fetch
video/mp4

74.125.109.201
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-hxa76n7z.c.2mdn.net/videoplayback/id/bf634c88b8b1668e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797202657/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/32B7B75DCE21CCCD0D038B2B65E87DD0B647BCF0.733F2F3FE178A45CD3DCEAA6DC18C23CB7973817/key/cms1/cms_redirect/yes/mh/_i/mip/103.209.254.40/mm/42/mn/sn-hxa76n7z/ms/onc/mt/1677721482/mv/m/mvi/4/pl/24/file/file.mp4

Protocol

HTTP/1.1

Server

74.125.109.201 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mel05s04-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Thu, 02 Mar 2023 01:51:48 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2226653
Last-Modified: Tue, 17 May 2022 02:27:22 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Thu, 02 Mar 2023 01:51:48 GMT

Redirect headers

date: Thu, 02 Mar 2023 01:51:48 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 644
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
location: https://r4---sn-hxa76n7z.c.2mdn.net/videoplayback/id/bf634c88b8b1668e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797202657/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/32B7B75DCE21CCCD0D038B2B65E87DD0B647BCF0.733F2F3FE178A45CD3DCEAA6DC18C23CB7973817/key/cms1/cms_redirect/yes/mh/_i/mip/103.209.254.40/mm/42/mn/sn-hxa76n7z/ms/onc/mt/1677721482/mv/m/mvi/4/pl/24/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E26C
Redirect Chain

https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=15dadd92-0f83-4982-85b1-30139708c890&gdpr=0&gdpr_consent=&expires=30

42 B
700 B

684ms
172ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=15dadd92-0f83-4982-85b1-30139708c890&gdpr=0&gdpr_consent=&expires=30
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=15dadd92-0f83-4982-85b1-30139708c890&gdpr=0&gdpr_consent=&expires=30
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 289

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E26C
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=0
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=jpd2TNk6QQy_gE7tpaUpOA&rk=usync-na&gdpr=0
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jpd2TNk6QQy_gE7tpaUpOA&gdpr=0

43 B
479 B

301ms
301ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jpd2TNk6QQy_gE7tpaUpOA&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 01:51:48 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: J3A6D63YA673YZVVX6AK
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=jpd2TNk6QQy_gE7tpaUpOA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK dcm
aax-eu.amazon-adsystem.com/s/ Frame E26C 43 B
855 B 1444ms
416ms Image
image/gif 52.95.122.74
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.95.122.74 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 02 Mar 2023 01:51:49 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 6DH3EXS8C7230AX3K1NS
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E26C
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
https://pr-bh.ybp.yahoo.com/sync/rubicon/rCTi8T35EjXSL5IyfdZrrw?csrc=&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-efIDKBBE2oKN.LuqNHhMYMpLfpBIB6ZM9bRJ1w--~A

42 B
700 B

172ms
171ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-efIDKBBE2oKN.LuqNHhMYMpLfpBIB6ZM9bRJ1w--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Thu, 02 Mar 2023 01:51:48 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-efIDKBBE2oKN.LuqNHhMYMpLfpBIB6ZM9bRJ1w--~A
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E26C
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTU2M2RkNjU2MjAzMDg3MjkwMWNiYzllMTc2MjYyZDJmMmU3MTBjMA&gdpr=0

170 B
188 B

176ms
173ms

Image
image/png

142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTU2M2RkNjU2MjAzMDg3MjkwMWNiYzllMTc2MjYyZDJmMmU3MTBjMA&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0

Protocol

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTU2M2RkNjU2MjAzMDg3MjkwMWNiYzllMTc2MjYyZDJmMmU3MTBjMA&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E26C
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&gdpr=0
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRR0FaMVMtMUktSzRE&gdpr=0

170 B
188 B

178ms
175ms

Image
image/png

142.251.12.154
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRR0FaMVMtMUktSzRE&gdpr=0

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0

Protocol

Server

142.251.12.154 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEVRR0FaMVMtMUktSzRE&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f60a7260b0ebb7a40a81234af4a9e826
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E26C
Redirect Chain

https://token.rubiconproject.com/token?pid=36584&gdpr=0
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEQGAZ1S-1I-K4D&gdpr=0

0
537 B

484ms
310ms

Image
text/plain

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEQGAZ1S-1I-K4D&gdpr=0
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:48 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 574F72F80DBA470394899B9D0ADEB571 Ref B: MEL01EDGE1808 Ref C: 2023-03-02T01:51:48Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-ltx1
x-li-source-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX14RJoMkhu8bddk6bibw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LEQGAZ1S-1I-K4D&gdpr=0
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 548ddf114c6f6bfbb66a4cdeb6a219f4
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E26C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEE6MdYvjHo56kFD-3nYETCI&google_cver=1

42 B
700 B

691ms
170ms

Image
image/gif

69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEE6MdYvjHo56kFD-3nYETCI&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9us&endpoint=us-east&gdpr=0
Protocol: HTTP/1.1
Server: 69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: d335433bbbe0efeac67146df47932f6f
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:47 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEE6MdYvjHo56kFD-3nYETCI&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame 5EC0 36 KB
14 KB 171ms
171ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:40:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 450706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 20:40:01 GMT

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame 8A7C 36 KB
14 KB 171ms
171ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:40:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 450706
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 20:40:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 174ms
174ms Image
text/html 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022701&jk=4071249316882924&bg=!CQqlCl7NAAbK-VRH6vk7ADkAdvg8Wn4gbp6ekF_pgxlJdCsSBiulwCvxExAz4CrvBvWdtng6Q0Y8Z4BR0GpK0FDi0RvQMwPllUUCAAAAalIAAAADaAEHCgA-Tr4T1QDto1pc1GTZdMNkQgrLyfFS-Au1kND0-O6MJAItA46z9Gg9KVC8HxVa0tFYzR_zfdBQsxN86pFAuwSZAqlwiOvuuQbzslQHNo92LjrsGJBKLN5-fWkl5GVgZPzEn4JFzaDYkBix3ED5yuVWx8Be9m9-ReM0u-28JKT_dzIxcQHsb_G2jE1m6efCu_gG3De6NDAKAbThCL24ms-E-ffhhrR5_m5M4ywbfFeyb7SjrCsfejae4o5Ttt_L6QOjh9848HHWYBGYxJI7zFjZavuelNmT3tPp9gdYFOAae87GP6z_mlEweRUglV0d1WYx-p7Cm8Wexyak8xjooFVOc4lhbAMXb8vD5QAs3Znjc03-l0zSaRYJBjcLuzcPdz1pNwB1dfSV2amzAXIOhoOqpIuX5z8Ut-PRj_JsuDX5-ZQKbfLFapvF_oyIWuK-Ih9WCgWx1Bc3B3x42-AUqbth3O22KnrsuvDUrC3-wnUYHV7146nishzGsgB8VbAHTnfMy-NYBZGGmcXJuPkoOa79h4UmPBhvSqCfBxOE80Vg7hTBR94w8-N3Msr1lHYsV9EbBw5iUVWY31FtB8OsYmJMZDobsi4Px6pxaikpqB_nuRZLKK52pcyMFad_er7ZsAnThRpdFew1vNTAIscT77AucqQztosheijuqT5pvTh-f-wscbLNuWpCoxG4Gy3pcR0P1gyAbAPj_usV2wXlVeM7qa_77NzbejCRNy7Xp1wTk3gl7cl9XEuR4vNxQtca5c1u61TD5-w0tYqDd86piU-zQAIKdfMKHX5fhxSiDA-oeHvmWjPsPlsPyyDehtnQr6KI3ceU-U8xQzNWOYwXpjj9EySYry2MbqFZSVf2UKF0uHoIgamfrb79UZ0cT6wVoV-dthGfZ6QsMxe4FcnSwd2qEobXvrVGuC2y2XbhTvtbzN7x6LlL4FfkHnfL0pcXP31ptACQwnMkS82w0w7RlIveH8lIQy7ad_Lbdxw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: sf-in-f155.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8365347031778066432/ Frame A103 4 KB
1 KB 516ms
172ms Document
text/html 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15c818038091c9929fae8f5ab02d7dabd0acf22185e6ab90a8a22fefea04cc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1179
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 01:51:48 GMT
expires: Fri, 01 Mar 2024 01:51:48 GMT
last-modified: Tue, 29 Nov 2022 23:58:21 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DC9C 0
0 526ms
183ms Fetch
image/gif 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmZ8pBFeOGF2b_njEZK6A7bziRFVA7xvf43pRhO8CjJhLOJ0y6AyaD7x7vH_oyZX5oM8HYtaahbkIRe5W_1D3Gm0Q9QqdpKLJlsgGFePaef91668RsczoLaOF8hwKJXIYv4WPVng9sZ3OgIl2pEHiGcNll3cLnAsdmrEdwl_ya8G-zqZ0utsH5UDHAOdO9oqxFi5LnRnq84_Yq8GKrUrJfMpH5XD2KLCO3vD1bRqMrbVkp6EUtQ4vMl0Dxni361kzSor2gMGuxi8jPCHGnFfgHEEN1j3z2j5VBUZ0IcY6sX0kLD-gOKJtSQGm_03vR3bDE4rU5rWjBlO2YVDbmSPSySAM5Ae1m-5pkZWr1adhtv9dVioHnh324sq5e7Ept4THeVtouGTxyLSTxPTayKUnk-T4cCp2qLqfjfchPiOThHn2xOhWyijS6LWVE4Pq5lSMrr4srynQPKIbfDsEqgeB3WweFxM7X52PoDZ64qQYx4Vy9mlB5byXSKEl3TUwGvo8W-pBBru2PT7rtFTjV5XahjT5H9zGtkFgLF6UN6DdGHegczddgCFo8h3haIXGpR6iwdey-XHBNfjsE3UhgBHBLXTz05WQjj9U53ASUIZ1Qtbm_eupO0W6jzjCu4VinFrtKLVh036zO5LNY8BAAXwkq2yg9GgtW7APPJ8qC7km-a0RYN6sRHTnG8G8vcTXR4NYNE4VuchXg6KHr1Q1IhWiWmlzgY6XOHcyO6oo8zGESMuLamO8-_3ASFWjFgwAiq-eHxJ1WfOTnhF__oR0Gw-tlXhKgpu6oZrQVATbjv-PWqNG1jp2HtUf0zk_BFY5V9Q82w2D_dzLllHa_uyVdMThKk39PbRBYJwQxNelAX-IftWEfUXvFrT5-aW2-I8GXlP__K6uXOHoqhOsilR-i509EhZNUEPKg-j4Zpf55KlcJidot9JqXNYS6Fl06ejHgqFWZie_n6q1CT5d-Cu1ASHkGfxH80lWXVadNqyFCURGnvfc3zOV122cQ3UlvlSjgUWRKEdOcqMe5Pgrd_JzCb94iYbpu3V7u0kdsWZOWRRrl7GvNxcHG2Xv_mRa9h2g8oSQZlf7EfDsnxjPg-LTNGlRI1ex9zYZJ9hLUBKLOGEhHDFRE38bnzKcSUg9Xww8zi4wPhBAftP9mxdra1tJhIUNQBBEuEEMp3y53tSuQZRsuqXsfAaprnh32oKiHyLfaEiXAV5c21eE4YDFL2-2NQzBSP0sDQkVeHw&sai=AMfl-YQ3O5iePcjZLBDciMsb94poQlB-AcV551vhMx8opIsHtrbi3xjbG5owp_A7yPDp8fdy9raFdpflHeNbvroXOmiOyIrlPqylzDiGbtEFWvtqJ0PHfx-_AG_anh33AWNERh-V6E9KGMV9fD1yoCY6UEOtRSw8HNp8ONRTIsc4k-cmaJG8-CFf4C7ZWGXbhSBSYD8snjxCFwG6Sg1V0TWRAZY-5nGdadY8aqNuMNqbcheEbafSFOmLxmSlsjOodFtfY00D_y2kLrOhIK7jUKjjlxRRj9g5RQ&sig=Cg0ArKJSzLltHapGfbj3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=803&cbvp=1&cstd=797&cisv=r20230227.58033&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 01:51:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 01:51:48 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 1042 23 KB
9 KB 178ms
177ms Document
text/html 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
age: 229762
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 27 Feb 2023 10:02:26 GMT
expires: Tue, 27 Feb 2024 10:02:26 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5867749194680238080/ Frame 56B3 4 KB
1 KB 366ms
178ms Document
text/html 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15c818038091c9929fae8f5ab02d7dabd0acf22185e6ab90a8a22fefea04cc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: en-AU,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1179
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Thu, 02 Mar 2023 01:51:48 GMT
expires: Fri, 01 Mar 2024 01:51:48 GMT
last-modified: Tue, 29 Nov 2022 23:58:18 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9BFC 0
0 370ms
182ms Fetch
image/gif 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCYpKLwj5pFtSOEuuw6ZQ9GuF-eN1sKRHx0tfy1HyZMFzdEWlCGUSq0cKId8su3rRRCc9Y67R9OJvglnSnEBHb3rCXDHK0GKgNkgfGbS5rnV1xH9oJe6qweKvRUde5krY5PkMYHlde4bRn5Z__h7DTjBUGMCbKyPSWkkseBDvkv5CAWQt6fZhinSK1RJYq0iTRapajuD3CYqK5_MedzyTfLuegKVzsJPYdW7HjpohG6X3gFuYR9-du3MjyOsOHD1g5EZno6jArv_o_lqmVR45y4esS4_j-ZSnX77DSyypQaSCMMKFDGinRF9g1K_TeYqcksSOqKb6umb-2YDeIDUiMddjsRootN-xnQ7qopWi5pJINTL9ku0AMKoJEZAjAdnXoptuk3ylhwGlkvvtj4xT43gsXPY5MIrpfh7woBFcstExvODqFnvjPg9wpyYywJcynZyLNl8krrvjEu5-UIIXLTZHMqO0N8osMTLuGHSc7KL_bwjvVBmngSJJkbgvWGAfYvMkCfrr0vCMhdEwXgbgRBUHDaCodcMGrZCJZ-xrJTHxM_ETA5M7MC4-2Fq3za0KuE1HypJHZjzL1jbZaGVLtyhM9Mn2L0V2cNHVN3hVzhLwTSMic_Pa0SyghGzH_UpRiTBmNRASxap-ywm5kZduiSkGlMJ3OQtf241d_x48yP0gHW6KzWmVFoT4mNAXkrvFB9wq7hI-1plJeHU3Q9kC3G_JB7kwdYTCOAvHFTpDjsmdTQhxsBHqzpf381YcuCJQF0LKXMpHOzcHT-HHAX1U-GWNiJz8F0emWFpEaxgMe2aDYFzc7q7IPqzzlq7R53NnJsukhJIITgyx1zoLebvL06Fu-aQSaGMDr4Y4mf1nrZpTnjo0gUMmUMDdZ-fY7hWNbbqts5xhH3QJYc99nIDPni1ORREyTesuLxH8Gd-aaS5pA5roOz45BZP-VDv0V-1AHlivYK1oHbXLwddtGVs3EetXGV2pBp0Nda5fbCnZtbMeHBc90onpajVFpy2LMlj5-OKZLyGC1PfcoDe-ZVBanL8j_e8N4dGKFl-zfm6V2FjSOmQ8uennyPNkMCAaO-qoxfwskXOnhlGE6BGwA9i88jASeflMHrX2h7egsj8u7-XeirAQH9mo0VT5F2lUDAwIufoJKKxfWN6v8JrDVL-UZIGFU2JlpKLo6pxKErhA0GG3nbuBpYQTwCK3PcsKG6dUfSysIcrd2fRhRegKsW3uj0kb0Ar6VP25BqhrNUgS3gw&sai=AMfl-YR32WHkwVsk7VvIaq5OOq8iTpUpDEy4TSA_2lVGzLJ82bBjUSwyKENdlFcI_hhLMggxOxclLYpbe4xAunVjUExOZWuUBRdrZB7IeOTTLQPFYIyE8DNd2TRT0QProqNaBd-AFvMjmXewNIBSCkJfeWQtUT4JqSYgfMXGoawfN0yjzO55eFmTh_CWVniUzepYfanQPJd7RgacCvHsgGc7wecuqdoX5qWFHuSNlvbOdjOdlYJQOnfsBgOKrVXusL376jgJkebtFSHzLqseYqAuCPhz0iZQ4g&sig=Cg0ArKJSzGGW6Yp6vwjwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=878&cbvp=1&cstd=873&cisv=r20230227.95216&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 02 Mar 2023 01:51:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 01:51:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5EC0 0
20 B 179ms
178ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJPjkMgEAZKbgMvvD4t4PtL-v8AUAAAAAOAHgBAI&bg=!_f6l_qrNAAbK-VRH6vk7ADkAdvg8WtLR9_BVCvjYn-l8gE1n1qn7io5RpzmoyLUnWMw25JALvhnzeQ7PGbCYiW74j-_US7xOi4sCAAAAkFIAAAACaAEHCgBndX5Jf6TCXqQfqhInPVUs1rptwfHgyibzGSw5wxOz9_X51lDGVtrHxp_CGASloDLU95Sp1bo9JGkTn3eGxOGS0hRnZ_Iy5xznpH01WhF0VGkO4BsDZvS4BeAvemOXDULbFddrEdNzxZkDA_LlDE-O2DuYOazQ9u99QNqPSbIbvYQ33J5M2EHTizXcoruBNlkxuBPkwypU4LycrAcHTqdWC2lQNuj-M5vo3_t5c34HbRgg2KfppKrKrR5DMnCsGikfhXTB_zV9WF_O9_OlZ4j8lHZqzX1HJzAyv5uxVvIrN0OrPFOVNGZKPaOEPvt092AKSf0XQzZkwhzDFQ7rlABgTmoHowr2LDBu6jnPBbcmV3NtfmvAe-cf5Ngtp-9sqGwhLovUqGmBHRlOobtaI3mgrDN_uKY3hEtWppWmoUY20PqLZuMB0XL2pZO9e0p8ZrlIl2AO-z7dM-xPuhyLXkO1NuucoXtnQmanUYGRJDHAun8sEFJ4cGIGl5gLIkfVNFvJ2EcUMRpONLAtILYOY3HvKvW8Fr2z2Qa_UWmMBnknoOlirQ6skJIsm0OHaC9hCz_BdDZsa3crOzSMliKJCOpolUQQZ3sC1CU0vwS-NSMFw26OIuOLxW4MveL-nupzisADzjehRnfuvkWw1yGcR8ICHfTP5wur7lx-zVLXClW1M3071GezYKLDHXnn0QL2vLxBS_Mxry6lRuu9dsCKsQnIo4iV3djuX0LGGLU985FfTnqoEXz0XLzRlwHoU8hU7_YgRmsheONNc4MTviv-Q2wK0aXOHy0Q9aC-mWNbfjXvMEnwwpdy0hBm-13IijNi3ezaz3OgbuSltrvR8TM8vvU7wDjVWwpTsCsNl01rw3kotXBLQAadP87BCT9sdiPdfCqyg6gl2SByGUlC29PNfK4qLeyQoBCMKk_yX23EEyRLgy2plK-hINy8M3oGRkAAq2-clCRZM4asZMTEK8LqJ2IiuTDAPPkuv1CYFAcm5VPhmxJKD_jKnX9hU5WhV59_M3uD_TY9N66fmGc5KR9bPU0B8LT5x6P5Ye-MtqMn82PX-RritYaZh3-L4yH-UkMUbLbYRmz5UApvW7t76WSl3XT2Xg8UmPwj3sDWplCWuRhrmX1XVmcpZG2_qcomIeiIx35t9JTZjem8abc7oIvdPw

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame 1042 36 KB
14 KB 172ms
172ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:40:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 450707
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 20:40:01 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A7C 0
20 B 175ms
174ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfBFhMgEAZIWRM6rC4t4P_YC_wAIAAAAAOAHgBAI&bg=!RUalRhLNAAbK-VRH6vk7ADkAdvg8WoWi469R6CSMJUOBKajGAPhM60KnKU6tlqOxSkfthfTNyA34kkC4gnQ658mBoU5bD16Xy-0CAAAAk1IAAAACaAEHmQLt4WeCNpiIlv4couwWI1qUTwEzbpaUPgAM2ZLVEl0QuKONfESyofyNaI2jdIhXNzNTCym6Oe1VoqhSzHxd2cdtkZzoRvB9Xcb0BZHAUlSx5FUegTyjOAIf96bhwTa1uSSYZOLGj96gywFdOrHLYF2Z9ZNpgboPqNA_MS8MvZmwtA65ZbPPohTeHiQdq2zTaD81M2XccTUBp04lcBB686HJB6tqHz3basH8_sU7k9vPaHIMpies_dbM8CgoOFGSr2f50lhStgtKmAsEuRNiHoEvtyQM-FrECKcw6oadQXwiw_YyViakpkgBHpODGQbIVbhuyOLGRjtVSzGyaaTj4BRRgVIB1X4iytd8UoBXPbcnm4DwtCo57MzkJCqfanyujxHXN2ZDQe5XqMUX1JvTQac4qE1cWUenJv8_VCQhTO0J1Fym_HzvRR2mfXaUgltnkar1Hhg8NwKDvP122eX1X6483vGydUQ1FU3Q_AttbVUOInznYz9qsz_FTqKJlkwH8cM_EEQykuNOOAGN9zqsG-kx2zRs6teiTxFnPYaCO73rdDFFW5CZYP2FsRUWtO1pJnjm6FJ4d1A_PxGVQnBHgG4se-rRPsWqUVmxWxFmXX-mMObZg7nnxX2rI1M0FJWGro3UdLn9DbgaleTc9L6XWrOD1jj12tkXMxop11cPQO-w1VYI6zD2bF6M27wAuf_3FqiZXHbXU_PEjOjaNOqTEWtVzEn_OCnYdEFL-99BEwBkrvwRfMt-8TsqO4JiN53ygDL3naWdw3ME7vuE7l0E--rYd-8FEDFS5FIMn1dw_cobVpoQXyFr_CbPdJAdhNmGcL1AuRimj-uKbm7N7idrKKAftOsT6se6cpz8l7FWXzjo1nks6Oi4QBWFqZZZdJHB4-0d_rYKm1jQYbG7ESCGG9EUtRjkdteLEL_X0RNqv8F5uBjll_-MFPxVjmSriGFw3HSaUjrJz5yCKpGJ8FJ0w9WQdDzljdgZqav8jq_Au2w

Requested by

Host: 1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
URL: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 8DB6 42 B
64 B 176ms
175ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuaDrOXeJofS6o4LMuCUY62Ijf3Jad4J43maHJOzyVg5Zak_HLIwaENJcDhn405HS5TM_JsgVBFyA8gqxTvrLliyUj4Ne9wFzm3PrKRG97tK7npZYfmJpzBfYg5_CndXqe_iIGSmGp82wA3nqmCH03yJXM7jUZHdJPKsO2AMMTo7LHtLYcMbS0CRpXERY1OAQnxvqLC5PROA4XEShqYem8AcRLIkfgNnppsymar03IWKHYynB2AFD7cWKkPG2iUqK8-1Ie4NKsdlXURNsD5T1BE6K3z2yK85dPFrDyT2buxBmUuZyZR_ltxz3UMIP7iDWN4lMVZD_IRvHl2AGlPpm4f88b0axFbPSCVHW5VzHaabWB9vju3cbpuzyBegnhwzXcwQCpQfusDvZUqtnW0Gn_8nYGilTjScIYZOH6Cw_KXQF8xN0bPIUfU9ZtU1KV8twoZbb0ClmN1U88nItq7y_rrkYzYKYbcBx_aUPJIVK1_c6y_alyRHnoDQroPo4s0OS3W7mqAfo7tPDGvqANVpDmRiXhNYtsGJ513OTRqvmx83S7_IVuJMF_ObbEUtShMzvw5Gbcr36Y-5YzDCeqSe7SimqOfUXTqNO7Mhhrku_bU7SHcC7BgjBU5In7ebfvRn4hmhX2A2rVhE9j1xPZqmsZGpZON_Cf8VPhD42laH9LsM7isiV3Tt4OdYaUwhGWSgC9ejSIU9lxCblXfo6UmL4QamylKBLsvQcUMcN81AMBeFnYtFLrlu7BpbI2VpzJotB4r3iMxv5DFb_7pCeT_zRhQ_0XwISHlNgHbkmYBlMuIIuKKW-4LpNteriMLDoj3Hezq_8hXB6wwr_yIBy_YYDVoKr7gcQmyxBZObaIntR4Ck3G6K7q3CYrSDiYXePMg_Ir5rowBL8hO_4yimo4mgjzGUS41Hto-16Cv60yj5-4p8AvUmvwpuMbrgIux1OZ87GOIPjevOH2_iNW3E7PT8Fx5Rbmq-B_HYbYrOq0t2m4QboDOlIjaAgd85BgxxR0IOwteMahKasxuZ7gYYuxzoBVbDQ&sai=AMfl-YTiv6_kwtupJfU5jq-FHy6f-y1ZtKJ1eeucEeEIuZEfDXgTK31EDQga5XQPEQp9YSAoPPRMZYmLGdQzwxqdWM34sYPU8Kxb9K4ntOpbAX-22kIdORbfgqW7Tu-63WtFWSOp4PhUJmwDiu1_lL0pkqIm0bmVHhOj&sig=Cg0ArKJSzInP3qD3JROKEAE&cid=CAQSSgDUE5ymZuyFEeCPHPhVuUF3B09Ahn1hqANlLKXYjO_wBBroWGmaizkmNRdvI0IW8P8_YGq4FwYXSW4KZ9zVIdbtwyFs0MJ6aKm2GAE&id=ampim&o=315,1110&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=924&tls=1924&g=100&h=100&tt=1924&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://www.eldersweather.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DC9C 42 B
64 B 177ms
176ms Fetch
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuBaTjHCF5y8ABoRjSKbOKX-akqvxXEF946mfTbIbJDovUeMxZ3w3g0-shXYVf3dFbFax_mgQo_OsxdIDe7HEFOaosAB_c-6Sz8xDLgigmeV0xdlc35WnTBTw&sai=AMfl-YSaJZoR39LWI1ugLBqM2olMRMUn4G2ekIJH716NITbnsb-w7e_0FSHrlVFnuGLuxuFitb6kW0X7sVX2jl1f4mfwOjm_DNUJUMAbXqW10CQvWyTBxgOxcoJK5PDkCdU9DynZ0VeQsmoVbC0&sig=Cg0ArKJSzDS7oW_RtmsDEAE&cid=CAQSSgDUE5ymZuyFEeCPHPhVuUF3B09Ahn1hqANlLKXYjO_wBBroWGmaizkmNRdvI0IW8P8_YGq4FwYXSW4KZ9zVIdbtwyFs0MJ6aKm2GAE&id=lidar2&mcvt=1001&p=51,565,141,1293&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2029540140&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677721906215&rpt=1224&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1042 0
20 B 174ms
174ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BWs3QMwEAZPTpJfSX3LUPmKq2sAQAAAAAOAHgBAI&bg=!UVKlUgbNAAbK-VRH6vk7ADkAdvg8WhM-kapu2IBmK4HyaVk7cKIH7qs3qYeNjEn4KKxA7C9sTs93c901W7uCE54wT4C0l2pvyMsCAAAASFIAAAACaAEHmQL7cE9s4l7WIfsD8VaLsKgw4KwxqUzFcXqTnT-G1d9xhh5zXL6Tk1stFhic0o0AqmAp5Dw_SAggqvFriWLRzQrKgL0KnULeaIwieVce_C_YJNY315AFVbSmfF-xg1r6nNs1FTzX0RPNsLHt9NHu0krJWXx_SgJ-YNcGT1vo2vjYMluGgFu5zI18XohOiw8XziqE1aNre3uwNtCL4rNFrdFDbSWZLwhp3gBD1bnjzRd_1St-YisOw9bjk7dpOg9pSydWmZ86lrVT8a7L3TgKc-KqOqM8AynZ-smBZfBgg9EZ2l8RMCf3kVWo9UmRL6wkUUA69todoNCz-DrqSaSRYLbHyXjSLTD9oFrO5wDAlnLMBGNgV9B4TSDS_IguurKkybF_5BssjW5YqDxPXcoDAIOnfaFi2BH83-jEer3YKeFvzkEdtQvIdl0Gw469b9lVC3pnxDMDL9vfrdPRAQ1bnUN7y42mQqja0KRaBk9C1JZ4RUXcQMMG9b7FMjgbYEurG77ZAwEtNnmtp9gtk6YOew6hGTnELp3TL1AQvJkRzTe2jPb-G9yyDYUgNVhA67bfpsx7xKwts_7937JhrBk9B5Sw5ce71EKiF4kuaiTudwHxqj2LfZu7THuW2Umoj6Plszg5mHc6xVLVs2nlxEP9reaySdw2itVZ3UqVA68g2fu3OY-1nhQzblNakVgfGU0c0yTClZaAattju3-tDVA7GyUE2q0Ce3Gsv7ZoSypEvfHMHA-SaGrCIrv2tqnI6de6vQMl17u3zC4cjNBxNcETcfBKn6aTBwMEMN2ib2gBDsUXx4FN5vFIRi_oNMOXS566csT4zZU8GQg-8w3XpGXbNDYGssGvHZF8o-RAI2tBHSqIEtMJHMdTNTcExXi3TTVjs0ASje6-NATuqqOmk8SHgfEEcapaL82vDh_eT4a2sMHngos-wuilp7PsHeqn-3oaeUdf8EORF_2vpEezTZ6jY1Tmwm01-mtxfEKpJ_adNcf8oj7fc0p3psqwnzwEhQ

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/8365347031778066432/ Frame A103 6 KB
2 KB 177ms
171ms Stylesheet
text/css 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8365347031778066432/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17304947b8a41f53b337508093c090768e97bc423ca679d929549d860be318ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147519
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1841
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 23:58:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Feb 2024 08:53:09 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A103 118 KB
40 KB 177ms
172ms Script
text/javascript 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 05:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 05:41:27 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A103 60 KB
24 KB 327ms
321ms Script
text/javascript 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 01:51:48 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/8365347031778066432/ Frame A103 2 KB
1 KB 195ms
190ms Script
application/x-javascript 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8365347031778066432/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9264232d1b4f7eac5f8a768388329f66444699665668f65fe55c7bb162f1101b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 28 Feb 2023 08:53:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 147519
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1054
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 23:58:21 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 28 Feb 2024 08:53:09 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/5867749194680238080/ Frame 56B3 6 KB
2 KB 177ms
176ms Stylesheet
text/css 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5867749194680238080/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17304947b8a41f53b337508093c090768e97bc423ca679d929549d860be318ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 15:36:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36914
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1841
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 23:58:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 15:36:34 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 56B3 118 KB
40 KB 186ms
184ms Script
text/javascript 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 05:41:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72621
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 05:41:27 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 56B3 60 KB
24 KB 435ms
434ms Script
text/javascript 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 01:51:48 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/5867749194680238080/ Frame 56B3 2 KB
1 KB 254ms
253ms Script
application/x-javascript 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5867749194680238080/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9264232d1b4f7eac5f8a768388329f66444699665668f65fe55c7bb162f1101b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 01 Mar 2023 15:36:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36913
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1054
x-xss-protection: 0
last-modified: Tue, 29 Nov 2022 23:58:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Feb 2024 15:36:35 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9BFC 42 B
64 B 176ms
176ms Fetch
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsslNUgU_lWL8HkyGBprNmvwu7Kk2FeXH4hnxE1bX0x426yXGij0r4pH6dzr0RBVxsElTxuR9TfdJ1wSzKSej__YZGQ_GDLwSd3t_mgmY32sZwZGrN0-I6M4qQ&sai=AMfl-YRqyvEQMEF6xTXtzbxWT4_D_QMfgEz9KVAeLS7NLgtIpEFh8QLblvATIXGK7Xp8vxBW4lkqj1nanGpZoUc3AFmUBL9xPIDMfEZl6KfsqAw_tW9lxmR1HtPOKmsITYV5eWn1YKnuXEJKuTA&sig=Cg0ArKJSzBa5UywbHH6iEAE&cid=CAQSSgDUE5ymZuyFEeCPHPhVuUF3B09Ahn1hqANlLKXYjO_wBBroWGmaizkmNRdvI0IW8P8_YGq4FwYXSW4KZ9zVIdbtwyFs0MJ6aKm2GAE&id=lidar2&mcvt=1018&p=365,980,615,1280&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20230301&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=992480374&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677721906219&rpt=1265&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r4---sn-hxa76n7z.c.2mdn.net/videoplayback/id/bf634c88b8b1668e/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3797202657/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5B84 2 MB
2 MB 172ms
85ms Media
video/mp4 74.125.109.201
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.109.201 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mel05s04-in-f9.1e100.net

Software

gvs 1.0 /

Resource Hash

73015319fcff445d8abe61edaa861e877d03ea0b927e8a64f25502029bc9a1d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

expires: Thu, 02 Mar 2023 01:51:48 GMT
date: Thu, 02 Mar 2023 01:51:48 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2226652/2226653
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2226653
last-modified: Tue, 17 May 2022 02:27:22 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com
client-protocol: quic

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9BFC 0
0 173ms
172ms Fetch
image/gif 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstCYpKLwj5pFtSOEuuw6ZQ9GuF-eN1sKRHx0tfy1HyZMFzdEWlCGUSq0cKId8su3rRRCc9Y67R9OJvglnSnEBHb3rCXDHK0GKgNkgfGbS5rnV1xH9oJe6qweKvRUde5krY5PkMYHlde4bRn5Z__h7DTjBUGMCbKyPSWkkseBDvkv5CAWQt6fZhinSK1RJYq0iTRapajuD3CYqK5_MedzyTfLuegKVzsJPYdW7HjpohG6X3gFuYR9-du3MjyOsOHD1g5EZno6jArv_o_lqmVR45y4esS4_j-ZSnX77DSyypQaSCMMKFDGinRF9g1K_TeYqcksSOqKb6umb-2YDeIDUiMddjsRootN-xnQ7qopWi5pJINTL9ku0AMKoJEZAjAdnXoptuk3ylhwGlkvvtj4xT43gsXPY5MIrpfh7woBFcstExvODqFnvjPg9wpyYywJcynZyLNl8krrvjEu5-UIIXLTZHMqO0N8osMTLuGHSc7KL_bwjvVBmngSJJkbgvWGAfYvMkCfrr0vCMhdEwXgbgRBUHDaCodcMGrZCJZ-xrJTHxM_ETA5M7MC4-2Fq3za0KuE1HypJHZjzL1jbZaGVLtyhM9Mn2L0V2cNHVN3hVzhLwTSMic_Pa0SyghGzH_UpRiTBmNRASxap-ywm5kZduiSkGlMJ3OQtf241d_x48yP0gHW6KzWmVFoT4mNAXkrvFB9wq7hI-1plJeHU3Q9kC3G_JB7kwdYTCOAvHFTpDjsmdTQhxsBHqzpf381YcuCJQF0LKXMpHOzcHT-HHAX1U-GWNiJz8F0emWFpEaxgMe2aDYFzc7q7IPqzzlq7R53NnJsukhJIITgyx1zoLebvL06Fu-aQSaGMDr4Y4mf1nrZpTnjo0gUMmUMDdZ-fY7hWNbbqts5xhH3QJYc99nIDPni1ORREyTesuLxH8Gd-aaS5pA5roOz45BZP-VDv0V-1AHlivYK1oHbXLwddtGVs3EetXGV2pBp0Nda5fbCnZtbMeHBc90onpajVFpy2LMlj5-OKZLyGC1PfcoDe-ZVBanL8j_e8N4dGKFl-zfm6V2FjSOmQ8uennyPNkMCAaO-qoxfwskXOnhlGE6BGwA9i88jASeflMHrX2h7egsj8u7-XeirAQH9mo0VT5F2lUDAwIufoJKKxfWN6v8JrDVL-UZIGFU2JlpKLo6pxKErhA0GG3nbuBpYQTwCK3PcsKG6dUfSysIcrd2fRhRegKsW3uj0kb0Ar6VP25BqhrNUgS3gw&sai=AMfl-YR32WHkwVsk7VvIaq5OOq8iTpUpDEy4TSA_2lVGzLJ82bBjUSwyKENdlFcI_hhLMggxOxclLYpbe4xAunVjUExOZWuUBRdrZB7IeOTTLQPFYIyE8DNd2TRT0QProqNaBd-AFvMjmXewNIBSCkJfeWQtUT4JqSYgfMXGoawfN0yjzO55eFmTh_CWVniUzepYfanQPJd7RgacCvHsgGc7wecuqdoX5qWFHuSNlvbOdjOdlYJQOnfsBgOKrVXusL376jgJkebtFSHzLqseYqAuCPhz0iZQ4g&sig=Cg0ArKJSzGGW6Yp6vwjwEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1811&vt=11&dtpt=933&dett=3&cstd=873&cisv=r20230227.95216&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 01:51:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BFC 0
20 B 173ms
173ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=fb.895,e2e.3572,fs.720,reqs.721,ress.895,rese.900&srt=176&e=&id=csi_pagead&gqid=&qqid=CJHC35GRvP0CFT6IZgIdwGQCHw&rt=lb.1094,ol.2677

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DC9C 0
0 173ms
173ms Fetch
image/gif 74.125.200.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssmZ8pBFeOGF2b_njEZK6A7bziRFVA7xvf43pRhO8CjJhLOJ0y6AyaD7x7vH_oyZX5oM8HYtaahbkIRe5W_1D3Gm0Q9QqdpKLJlsgGFePaef91668RsczoLaOF8hwKJXIYv4WPVng9sZ3OgIl2pEHiGcNll3cLnAsdmrEdwl_ya8G-zqZ0utsH5UDHAOdO9oqxFi5LnRnq84_Yq8GKrUrJfMpH5XD2KLCO3vD1bRqMrbVkp6EUtQ4vMl0Dxni361kzSor2gMGuxi8jPCHGnFfgHEEN1j3z2j5VBUZ0IcY6sX0kLD-gOKJtSQGm_03vR3bDE4rU5rWjBlO2YVDbmSPSySAM5Ae1m-5pkZWr1adhtv9dVioHnh324sq5e7Ept4THeVtouGTxyLSTxPTayKUnk-T4cCp2qLqfjfchPiOThHn2xOhWyijS6LWVE4Pq5lSMrr4srynQPKIbfDsEqgeB3WweFxM7X52PoDZ64qQYx4Vy9mlB5byXSKEl3TUwGvo8W-pBBru2PT7rtFTjV5XahjT5H9zGtkFgLF6UN6DdGHegczddgCFo8h3haIXGpR6iwdey-XHBNfjsE3UhgBHBLXTz05WQjj9U53ASUIZ1Qtbm_eupO0W6jzjCu4VinFrtKLVh036zO5LNY8BAAXwkq2yg9GgtW7APPJ8qC7km-a0RYN6sRHTnG8G8vcTXR4NYNE4VuchXg6KHr1Q1IhWiWmlzgY6XOHcyO6oo8zGESMuLamO8-_3ASFWjFgwAiq-eHxJ1WfOTnhF__oR0Gw-tlXhKgpu6oZrQVATbjv-PWqNG1jp2HtUf0zk_BFY5V9Q82w2D_dzLllHa_uyVdMThKk39PbRBYJwQxNelAX-IftWEfUXvFrT5-aW2-I8GXlP__K6uXOHoqhOsilR-i509EhZNUEPKg-j4Zpf55KlcJidot9JqXNYS6Fl06ejHgqFWZie_n6q1CT5d-Cu1ASHkGfxH80lWXVadNqyFCURGnvfc3zOV122cQ3UlvlSjgUWRKEdOcqMe5Pgrd_JzCb94iYbpu3V7u0kdsWZOWRRrl7GvNxcHG2Xv_mRa9h2g8oSQZlf7EfDsnxjPg-LTNGlRI1ex9zYZJ9hLUBKLOGEhHDFRE38bnzKcSUg9Xww8zi4wPhBAftP9mxdra1tJhIUNQBBEuEEMp3y53tSuQZRsuqXsfAaprnh32oKiHyLfaEiXAV5c21eE4YDFL2-2NQzBSP0sDQkVeHw&sai=AMfl-YQ3O5iePcjZLBDciMsb94poQlB-AcV551vhMx8opIsHtrbi3xjbG5owp_A7yPDp8fdy9raFdpflHeNbvroXOmiOyIrlPqylzDiGbtEFWvtqJ0PHfx-_AG_anh33AWNERh-V6E9KGMV9fD1yoCY6UEOtRSw8HNp8ONRTIsc4k-cmaJG8-CFf4C7ZWGXbhSBSYD8snjxCFwG6Sg1V0TWRAZY-5nGdadY8aqNuMNqbcheEbafSFOmLxmSlsjOodFtfY00D_y2kLrOhIK7jUKjjlxRRj9g5RQ&sig=Cg0ArKJSzLltHapGfbj3EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1897&vt=11&dtpt=1094&dett=3&cstd=797&cisv=r20230227.58033&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.eldersweather.com.au
URL: https://www.eldersweather.com.au/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.200.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 02 Mar 2023 01:51:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC9C 0
20 B 173ms
172ms Image
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?v=3&s=pagead&action=load3pas&it=fb.886,e2e.3578,fs.715,reqs.718,ress.886,rese.895&srt=171&e=&id=csi_pagead&gqid=&qqid=CJDC35GRvP0CFT6IZgIdwGQCHw&rt=lb.1059,ol.2692

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:49 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dynamicBuilder.min.js Show response
s0.2mdn.net/creatives/assets/1951882/ Frame 56B3 9 KB
1 KB 171ms
171ms Script
text/javascript 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1951882/dynamicBuilder.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1400
x-xss-protection: 0
last-modified: Wed, 04 Apr 2018 17:00:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:04:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 56B3 7 KB
6 KB 175ms
175ms XHR
application/json 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c250ec70be1594df272a079ea2479adab6b94a66d18bc5f2f0301af542549ccf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5687
x-xss-protection: 0

GET
H3 200 dynamicBuilder.min.js Show response
s0.2mdn.net/creatives/assets/1951882/ Frame A103 9 KB
1 KB 171ms
171ms Script
text/javascript 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/1951882/dynamicBuilder.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d585510ebf6dccd5790b2083b5e4425473fa2277aef2dc2be1fcba2d04f47e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1400
x-xss-protection: 0
last-modified: Wed, 04 Apr 2018 17:00:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:04:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A103 7 KB
6 KB 178ms
178ms XHR
application/json 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b05d6112211ee9d5c4951672d7756d1777986bf7421f3a7f46b8cb68f635abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5645
x-xss-protection: 0

GET
H3 200 4977522743186491977.json Show response
s0.2mdn.net/creatives/assets/4449109/ Frame 56B3 12 KB
5 KB 173ms
173ms XHR
application/json 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4449109/4977522743186491977.json

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5867749194680238080/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2c8516644b621027dcd0c852a52586d5fd4a522bb5fd2a3e0cbf7e6d694865c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4815
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 07:35:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:49 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 56B3 17 KB
6 KB 173ms
173ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 01:51:49 GMT

GET
H3 200 777284151815074274.json Show response
s0.2mdn.net/creatives/assets/4449109/ Frame A103 12 KB
5 KB 173ms
173ms XHR
application/json 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4449109/777284151815074274.json

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8365347031778066432/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2a46f844a757975e2bcba2f5484ad092849287550655b65e81dd6d46d81f476

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5039
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 07:36:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:49 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5B84 0
54 B 381ms
380ms Ping
image/gif 142.251.134.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~leqgb130&c=6591211953457&slotId=3295605976728.5&qqid=CJLC35GRvP0CFT6IZgIdwGQCHw&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=989&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230227_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.251.134.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: eze10s09-in-f3.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A103 17 KB
6 KB 172ms
171ms Script
text/javascript 74.125.24.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 02 Mar 2023 01:51:49 GMT

GET
H3 200 oz-orange2.svg
s0.2mdn.net/creatives/assets/4449109/ Frame 56B3 898 B
541 B 175ms
175ms Image
image/svg+xml 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/oz-orange2.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

552e22ceea7d62f40b4d08b5a581dad1eb0780499d834bf9fd70345d91ecb220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 513
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 04:22:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:49 GMT

GET
H3 200 FireRatingSign.png
s0.2mdn.net/creatives/assets/4449109/ Frame 56B3 47 KB
47 KB 1291ms
1289ms Image
image/png 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/FireRatingSign.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cc7ceaf1ec70f8866644c56fc5d5a85e0ac034758a1d36546e72b9496cd8ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:50 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47969
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 04:22:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:50 GMT

GET
H3 200 Needle_white.png
s0.2mdn.net/creatives/assets/4449109/ Frame 56B3 9 KB
9 KB 176ms
174ms Image
image/png 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/Needle_white.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecfbea81f52204a63818a953bb4062d48f8f21ab96c15edd30b63527932b1dcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9377
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 04:22:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:49 GMT

GET flame.png
s0.2mdn.net/creatives/assets/4449109/ Frame 56B3 0
0

GET
H3 200 victoria-logo.png
s0.2mdn.net/creatives/assets/4449109/ Frame 56B3 7 KB
7 KB 1025ms
1024ms Image
image/png 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/victoria-logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e76741a7947cdac9db381763c29815dbff20cbbe21d1bb2d32a9f57c92b01a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:50 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7029
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:38:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:50 GMT

GET
H3 200 bg-300x250.png
s0.2mdn.net/creatives/assets/4449109/ Frame 56B3 44 KB
44 KB 174ms
174ms Image
image/png 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/bg-300x250.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7ba25c8ba76e98b9940dd7c6b6af4f38c55b135e2a88f62a953dbe8de7aa3fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45394
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:38:51 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:49 GMT

GET
H3 200 transparent.png
s0.2mdn.net/creatives/assets/4449109/ Frame 56B3 68 B
94 B 173ms
172ms Image
image/png 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/transparent.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 09:42:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:49 GMT

GET
H3 200 28ce14a219614150add9442d52da9ef8.jpg
s0.2mdn.net/creatives/assets/4449109/ Frame 56B3 33 KB
33 KB 1036ms
1036ms Image
image/jpeg 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/28ce14a219614150add9442d52da9ef8.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

182fc093ca71dfa3008177d0b6e38924272191a292675d7e4cf873a066a17e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:50 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33859
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 07:39:18 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:50 GMT

GET
H3 200 Aleo-Regular.woff2
s0.2mdn.net/creatives/assets/4449109/ Frame 56B3 30 KB
30 KB 175ms
174ms Font
font/woff2 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4449109/Aleo-Regular.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2ed2838973dcb8518fb808b837c391629368c994d19351e7ecbcca1d8e368fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5867749194680238080/index.html?e=69&leftOffset=0&topOffset=0&c=x7XSTSzBXR&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30904
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:38:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:49 GMT

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame D3E9 36 KB
14 KB 172ms
171ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:40:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 450708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 20:40:01 GMT

GET
H3 200 oz-orange2.svg
s0.2mdn.net/creatives/assets/4449109/ Frame A103 898 B
541 B 188ms
188ms Image
image/svg+xml 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/oz-orange2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/1951882/dynamicBuilder.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

552e22ceea7d62f40b4d08b5a581dad1eb0780499d834bf9fd70345d91ecb220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 513
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 04:22:16 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:49 GMT

GET
H3 200 FireRatingSign.png
s0.2mdn.net/creatives/assets/4449109/ Frame A103 47 KB
47 KB 1259ms
1259ms Image
image/png 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/FireRatingSign.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/1951882/dynamicBuilder.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cc7ceaf1ec70f8866644c56fc5d5a85e0ac034758a1d36546e72b9496cd8ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:50 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47969
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 04:22:13 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:50 GMT

GET
H3 200 Needle_white.png
s0.2mdn.net/creatives/assets/4449109/ Frame A103 9 KB
9 KB 188ms
188ms Image
image/png 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/Needle_white.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/1951882/dynamicBuilder.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecfbea81f52204a63818a953bb4062d48f8f21ab96c15edd30b63527932b1dcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9377
x-xss-protection: 0
last-modified: Wed, 14 Dec 2022 04:22:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:49 GMT

GET
H3 200 victoria-logo.png
s0.2mdn.net/creatives/assets/4449109/ Frame A103 7 KB
7 KB 987ms
987ms Image
image/png 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/victoria-logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/1951882/dynamicBuilder.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8e76741a7947cdac9db381763c29815dbff20cbbe21d1bb2d32a9f57c92b01a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:50 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7029
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:38:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:50 GMT

GET
H3 200 flame728.png
s0.2mdn.net/creatives/assets/4449109/ Frame A103 46 KB
46 KB 231ms
231ms Image
image/png 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/flame728.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e9f555ea039c2c35604b6e59179c55d0a74f864bad27cb8dedaeb6075dde831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47339
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:38:52 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:49 GMT

GET
H3 200 bg-728x90.png
s0.2mdn.net/creatives/assets/4449109/ Frame A103 38 KB
38 KB 1225ms
1224ms Image
image/png 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/bg-728x90.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe22bd0c7391c128591d08a3c5af9eda64c7134540646fca462628b90e83ed24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:50 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39071
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:38:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:50 GMT

GET
H3 200 transparent.png
s0.2mdn.net/creatives/assets/4449109/ Frame A103 68 B
94 B 215ms
213ms Image
image/png 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/transparent.png

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 68
x-xss-protection: 0
last-modified: Thu, 01 Dec 2022 09:42:11 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:49 GMT

GET
H3 200 c36b4bf2b8b4a5cd0f723fc0dc72bb32.jpg
s0.2mdn.net/creatives/assets/4449109/ Frame A103 24 KB
24 KB 234ms
233ms Image
image/jpeg 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4449109/c36b4bf2b8b4a5cd0f723fc0dc72bb32.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e229550170b61aef5b121880e2d09fc09a93977f96e0d66f00779d577dc3625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24298
x-xss-protection: 0
last-modified: Thu, 22 Dec 2022 07:38:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:49 GMT

GET
H3 200 Aleo-Regular.woff2
s0.2mdn.net/creatives/assets/4449109/ Frame A103 30 KB
30 KB 174ms
173ms Font
font/woff2 142.251.12.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4449109/Aleo-Regular.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.12.149 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2ed2838973dcb8518fb808b837c391629368c994d19351e7ecbcca1d8e368fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8365347031778066432/index.html?e=69&leftOffset=0&topOffset=0&c=hL0tvPB4Ma&t=1&renderingType=2&ev=01_247
Origin: https://s0.2mdn.net
accept-language: en-AU,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 01:51:49 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30904
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 01:38:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 02 Mar 2023 02:06:49 GMT

GET
H3 200 H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js Show response
pagead2.googlesyndication.com/bg/ Frame 065F 36 KB
14 KB 172ms
171ms Script
text/javascript 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H2GK6uPviADyDKnnsjExBLZMgeJKrQTzBmZeZlVfawk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f618aeae3ef8800f20ca9e7b2313104b64c81e24aad04f306665e66555f6b09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:40:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 450708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14309
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 20:40:01 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9BFC 0
20 B 173ms
173ms Ping
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9555863264321&version=m202301230201&ct=76&x=1&cor=11986679766924351000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-AU,en;q=0.9
Referer: https://1976cde698c82eb2dd8a5f3df7c44ce6.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 02 Mar 2023 01:51:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DC9C 0
20 B 174ms
173ms Ping
image/gif 74.125.24.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1666464623530&version=m202301230201&ct=76&x=1&cor=10213204134933897000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

74.125.24.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS