urlscan.io logo urlscan.io
SecurityTrails logo

www.afr.com Open in urlscan Pro
151.101.194.133  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Submission: On September 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 118 IPs in 9 countries across 93 domains to perform 340 HTTP transactions. The main IP is 151.101.194.133, located in United States and belongs to FASTLY, US. The main domain is www.afr.com. The Cisco Umbrella rank of the primary domain is 339222.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on November 21st 2022. Valid for: a year.
This is the only time www.afr.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
47 151.101.194.133 54113 (FASTLY)
2 142.250.185.200 15169 (GOOGLE)
1 143.204.214.71 16509 (AMAZON-02)
1 104.18.223.248 13335 (CLOUDFLAR...)
6 151.101.130.133 54113 (FASTLY)
7 142.250.184.206 15169 (GOOGLE)
1 18.66.112.9 16509 (AMAZON-02)
2 13.35.255.75 16509 (AMAZON-02)
3 7 172.217.23.102 15169 (GOOGLE)
1 151.101.65.140 54113 (FASTLY)
1 7 142.250.184.194 15169 (GOOGLE)
2 2.21.20.141 20940 (AKAMAI-ASN1)
3 157.240.201.15 32934 (FACEBOOK)
1 18.66.122.30 16509 (AMAZON-02)
3 87.248.119.251 203220 (YAHOO-DEB)
1 151.101.64.114 54113 (FASTLY)
1 13.225.78.58 16509 (AMAZON-02)
1 35.244.142.80 15169 (GOOGLE)
1 52.64.218.213 16509 (AMAZON-02)
2 146.75.116.157 54113 (FASTLY)
1 2.21.20.155 20940 (AKAMAI-ASN1)
1 3 34.249.4.25 16509 (AMAZON-02)
6 13.32.121.65 16509 (AMAZON-02)
1 52.222.236.78 16509 (AMAZON-02)
3 216.58.206.34 15169 (GOOGLE)
4 13.32.121.94 16509 (AMAZON-02)
1 104.18.13.194 13335 (CLOUDFLAR...)
1 52.222.236.63 16509 (AMAZON-02)
6 34.110.168.46 396982 (GOOGLE-CL...)
2 216.239.36.54 15169 (GOOGLE)
4 54.66.82.44 16509 (AMAZON-02)
4 142.250.186.174 15169 (GOOGLE)
13 34.253.121.178 16509 (AMAZON-02)
2 3.234.106.202 14618 (AMAZON-AES)
1 108.138.4.59 16509 (AMAZON-02)
4 5 172.217.18.102 15169 (GOOGLE)
2 104.244.42.69 13414 (TWITTER)
2 104.244.42.67 13414 (TWITTER)
1 216.239.34.36 15169 (GOOGLE)
2 66.102.1.154 15169 (GOOGLE)
4 142.250.184.195 15169 (GOOGLE)
3 13.224.192.181 16509 (AMAZON-02)
1 172.67.70.134 13335 (CLOUDFLAR...)
1 54.194.110.112 16509 (AMAZON-02)
1 63.140.62.22 16509 (AMAZON-02)
2 63.33.121.220 16509 (AMAZON-02)
2 184.30.17.133 16625 (AKAMAI-AS)
2 5 184.30.16.195 16625 (AKAMAI-AS)
1 143.47.190.59 31898 (ORACLE-BM...)
1 34.111.134.78 396982 (GOOGLE-CL...)
2 151.101.193.140 54113 (FASTLY)
1 4 142.250.185.132 15169 (GOOGLE)
1 151.101.194.202 54113 (FASTLY)
1 54.210.220.158 14618 (AMAZON-AES)
1 5 172.217.16.194 15169 (GOOGLE)
4 23.212.213.4 16625 (AKAMAI-AS)
7 104.17.194.118 13335 (CLOUDFLAR...)
4 13.224.189.123 16509 (AMAZON-02)
3 5 13.107.42.14 8068 (MICROSOFT...)
1 3 13.225.78.35 16509 (AMAZON-02)
5 8 37.252.172.123 29990 (ASN-APPNEX)
6 157.240.201.35 32934 (FACEBOOK)
1 1 46.228.164.13 56396 (AMOBEE)
1 99.86.4.107 16509 (AMAZON-02)
1 99.86.4.128 16509 (AMAZON-02)
7 10 69.173.144.165 26667 (RUBICONPR...)
1 130.162.160.243 31898 (ORACLE-BM...)
8 142.250.186.163 15169 (GOOGLE)
2 212.82.100.181 34010 (YAHOO-IRD)
1 63.34.81.234 16509 (AMAZON-02)
1 104.16.88.20 13335 (CLOUDFLAR...)
11 13 142.250.185.98 15169 (GOOGLE)
1 130.211.23.194 15169 (GOOGLE)
2 172.67.69.19 13335 (CLOUDFLAR...)
1 1 151.101.194.49 54113 (FASTLY)
2 2 151.101.130.49 54113 (FASTLY)
1 1 44.219.176.120 14618 (AMAZON-AES)
3 8 104.18.27.193 13335 (CLOUDFLAR...)
1 35.156.100.108 16509 (AMAZON-02)
1 213.19.162.41 3356 (LEVEL3)
1 185.64.189.112 62713 (AS-PUBMATIC)
2 34.102.253.54 396982 (GOOGLE-CL...)
1 18.66.112.78 16509 (AMAZON-02)
1 1 3.127.178.105 16509 (AMAZON-02)
4 5 3.71.149.231 16509 (AMAZON-02)
4 35.190.80.153 15169 (GOOGLE)
1 1 192.229.233.25 15133 (EDGECAST)
1 13.225.78.4 16509 (AMAZON-02)
10 104.17.25.14 13335 (CLOUDFLAR...)
16 142.250.74.206 15169 (GOOGLE)
2 13.55.162.157 16509 (AMAZON-02)
2 34.110.181.170 396982 (GOOGLE-CL...)
2 104.18.24.18 13335 (CLOUDFLAR...)
1 151.101.1.108 54113 (FASTLY)
2 95.101.149.233 16625 (AKAMAI-AS)
2 3 76.223.111.18 16509 (AMAZON-02)
1 3 198.47.127.19 3257 (GTT-BACKB...)
1 142.250.185.161 15169 (GOOGLE)
3 167.235.124.60 24940 (HETZNER-AS)
1 178.250.1.9 44788 (ASN-CRITE...)
3 5 52.94.222.140 16509 (AMAZON-02)
1 1 91.228.74.244 16509 (AMAZON-02)
12 185.64.191.210 62713 (AS-PUBMATIC)
1 52.18.182.246 16509 (AMAZON-02)
2 2 34.111.129.221 396982 (GOOGLE-CL...)
1 34.111.131.239 396982 (GOOGLE-CL...)
3 4 54.211.118.49 14618 (AMAZON-AES)
3 4 37.157.3.30 198622 (ADFORM)
1 2 34.91.62.186 396982 (GOOGLE-CL...)
3 35.71.131.137 16509 (AMAZON-02)
2 198.47.127.20 62713 (AS-PUBMATIC)
3 5 209.54.182.161 16509 (AMAZON-02)
1 184.86.251.89 20940 (AKAMAI-ASN1)
1 99.81.218.56 16509 (AMAZON-02)
1 2 54.246.166.234 16509 (AMAZON-02)
3 104.17.209.240 13335 (CLOUDFLAR...)
4 172.217.16.130 15169 (GOOGLE)
1 1 34.199.23.6 14618 (AMAZON-AES)
1 18.203.183.215 16509 (AMAZON-02)
1 3.144.50.131 16509 (AMAZON-02)
3 216.58.212.129 15169 (GOOGLE)
1 185.64.190.82 62713 (AS-PUBMATIC)
1 1 85.114.159.93 24961 (MYLOC-AS ...)
1 1 54.158.55.205 14618 (AMAZON-AES)
1 72.251.245.181 32475 (SINGLEHOP...)
5 5 52.18.164.186 16509 (AMAZON-02)
1 1 185.86.139.102 201081 (SMARTADSE...)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 1 35.214.215.84 15169 (GOOGLE)
1 3 104.22.25.87 13335 (CLOUDFLAR...)
1 2 77.243.51.121 42697 (NETIC-AS)
1 1 141.94.171.216 16276 (OVH)
3 3 3.124.69.248 16509 (AMAZON-02)
1 1 141.95.32.72 16276 (OVH)
1 98.98.134.242 21859 (ZEN-ECN)
2 2 64.158.223.140 41041 (VCLK-EU-SE)
1 1 46.228.164.11 56396 (AMOBEE)
340 118
47    151.101.194.133 (United States)

ASN54113 (FASTLY, US)
www.afr.com
static.ffx.io
api.afr.com
2    142.250.185.200 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f8.1e100.net
www.googletagmanager.com
1    143.204.214.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-71.fra53.r.cloudfront.net
d2uhnetoehh304.cloudfront.net
1    104.18.223.248 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.tinypass.com
6    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
api.afr.com
www.afr.com
7    142.250.184.206 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f14.1e100.net
news.google.com
1    18.66.112.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-9.fra56.r.cloudfront.net
adkit.9pub.io
2    13.35.255.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-255-75.fra6.r.cloudfront.net
static.chartbeat.com
7    172.217.23.102 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f6.1e100.net
12281244.fls.doubleclick.net
6633783.fls.doubleclick.net
12393262.fls.doubleclick.net
1    151.101.65.140 (United States)

ASN54113 (FASTLY, US)
www.redditstatic.com
7    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
googleads.g.doubleclick.net
adservice.google.com
2    2.21.20.141 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-141.deploy.static.akamaitechnologies.com
snap.licdn.com
3    157.240.201.15 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-ams4.fbcdn.net
connect.facebook.net
1    18.66.122.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-30.fra60.r.cloudfront.net
static.hotjar.com
3    87.248.119.251 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e1-bmr.ycpi.vip.deb.yahoo.com
s.yimg.com
1    151.101.64.114 (United States)

ASN54113 (FASTLY, US)
cdn.evgnet.com
1    13.225.78.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-58.fra2.r.cloudfront.net
pixel.weare8.com
1    35.244.142.80 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 80.142.244.35.bc.googleusercontent.com
cdn.pdst.fm
1    52.64.218.213 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-64-218-213.ap-southeast-2.compute.amazonaws.com
pixel.nine.com.au
2    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2.21.20.155 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-155.deploy.static.akamaitechnologies.com
sjs.bizographics.com
3    34.249.4.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-4-25.eu-west-1.compute.amazonaws.com
secure-au.imrworldwide.com
secure-dcr.imrworldwide.com
6    13.32.121.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-65.fra60.r.cloudfront.net
cdn-gl.imrworldwide.com
1    52.222.236.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-78.fra56.r.cloudfront.net
adc-js.nine.com.au
3    216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lhr35s10-in-f2.1e100.net
securepubads.g.doubleclick.net
4    13.32.121.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-94.fra60.r.cloudfront.net
au-script.dotmetrics.net
1    104.18.13.194 (None, )

ASN13335 (CLOUDFLARENET, US)
api.beyondwords.io
1    52.222.236.63 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-63.fra56.r.cloudfront.net
script.hotjar.com
6    34.110.168.46 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 46.168.110.34.bc.googleusercontent.com
i.ffx.io
2    216.239.36.54 (United States)

ASN15169 (GOOGLE, US)
us-central1-adaptive-growth.cloudfunctions.net
4    54.66.82.44 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-66-82-44.ap-southeast-2.compute.amazonaws.com
l.ffx.io
4    142.250.186.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
www.google-analytics.com
13    34.253.121.178 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-121-178.eu-west-1.compute.amazonaws.com
dpm.demdex.net
2    3.234.106.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-106-202.compute-1.amazonaws.com
10510523.collect.igodigital.com
nova.collect.igodigital.com
1    108.138.4.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-59.fra56.r.cloudfront.net
cdn.parsely.com
5    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f6.1e100.net
ad.doubleclick.net
2    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
2    104.244.42.67 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
1    216.239.34.36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
2    66.102.1.154 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f154.1e100.net
stats.g.doubleclick.net
4    142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net
www.google.de
3    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    172.67.70.134 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    54.194.110.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-110-112.eu-west-1.compute.amazonaws.com
fairfaxau.demdex.net
1    63.140.62.22 (United States)

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-22.data.adobedc.net
fairfaxau.sc.omtrdc.net
2    63.33.121.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-121-220.eu-west-1.compute.amazonaws.com
nd.demdex.net
2    184.30.17.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-133.deploy.static.akamaitechnologies.com
z.moatads.com
5    184.30.16.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-195.deploy.static.akamaitechnologies.com
ads.pubmatic.com
image5.pubmatic.com
1    143.47.190.59 (Amsterdam, Netherlands)

ASN31898 (ORACLE-BMC-31898, US)
fairfaxmedia.gscontxt.net
1    34.111.134.78 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 78.134.111.34.bc.googleusercontent.com
teenytinyshirt.com
2    151.101.193.140 (United States)

ASN54113 (FASTLY, US)
alb.reddit.com
4    142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
1    151.101.194.202 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    54.210.220.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-210-220-158.compute-1.amazonaws.com
ping.chartbeat.net
5    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
adservice.google.de
www.googleadservices.com
4    23.212.213.4 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-213-4.deploy.static.akamaitechnologies.com
cdn.cxense.com
7    104.17.194.118 (None, )

ASN13335 (CLOUDFLARENET, US)
c2-au.piano.io
buy-au.piano.io
4    13.224.189.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-123.fra2.r.cloudfront.net
cdn.linkedin.oribi.io
5    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
www.linkedin.com
3    13.225.78.35 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-35.fra2.r.cloudfront.net
secure-gl.imrworldwide.com
8    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
6    157.240.201.35 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-ams4.facebook.com
www.facebook.com
1    46.228.164.13 (United Kingdom)

ASN56396 (AMOBEE, GB)
d.turn.com
1    99.86.4.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-107.fra6.r.cloudfront.net
rm-script.dotmetrics.net
1    99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
10    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    130.162.160.243 (Slough, United Kingdom)

ASN31898 (ORACLE-BMC-31898, US)
mb.moatads.com
8    142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net
www.gstatic.com
2    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
1    63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
p1.parsely.com
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
13    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    172.67.69.19 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
rtd.tubemogul.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
rtd-tm.everesttech.net
1    44.219.176.120 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-219-176-120.compute-1.amazonaws.com
sync.adap.tv
8    104.18.27.193 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    35.156.100.108 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-100-108.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    213.19.162.41 (United Kingdom)

ASN3356 (LEVEL3, US)
fastlane.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    18.66.112.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-78.fra56.r.cloudfront.net
ramqgrikhxntouhb6dnnciyrg9ltu1694997204.nuid.imrworldwide.com
1    3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
ps.eyeota.net
5    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
pixel.advertising.com
4    35.190.80.153 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 153.80.190.35.bc.googleusercontent.com
i-dev.ffx.io
1    192.229.233.25 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    13.225.78.4 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-4.fra2.r.cloudfront.net
static.adsafeprotected.com
10    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
16    142.250.74.206 (Old Bridge, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f14.1e100.net
play.google.com
2    13.55.162.157 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-55-162-157.ap-southeast-2.compute.amazonaws.com
adc.nine.com.au
2    34.110.181.170 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 170.181.110.34.bc.googleusercontent.com
strangersponge.com
2    104.18.24.18 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
2    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
dmpsync.3lift.com
3    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
a1288a54e242ac80cc9429eac75a7cd5.safeframe.googlesyndication.com
3    167.235.124.60 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nue0038.cxense.com
p1cluster.cxense.com
comcluster.cxense.com
id.cxense.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
5    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    91.228.74.244 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
12    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
1    52.18.182.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
1    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
4    54.211.118.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-118-49.compute-1.amazonaws.com
a.audrte.com
4    37.157.3.30 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
2    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
5    209.54.182.161 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    184.86.251.89 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-89.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    99.81.218.56 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-218-56.eu-west-1.compute.amazonaws.com
d.adroll.com
2    54.246.166.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-166-234.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
3    104.17.209.240 (None, )

ASN13335 (CLOUDFLARENET, US)
zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com
siteintercept.qualtrics.com
4    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
pagead2.googlesyndication.com
1    34.199.23.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-199-23-6.compute-1.amazonaws.com
usermatch.krxd.net
1    18.203.183.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-183-215.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    3.144.50.131 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-144-50-131.us-east-2.compute.amazonaws.com
dmp.v.fwmrm.net
3    216.58.212.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f1.1e100.net
tpc.googlesyndication.com
1    185.64.190.82 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
t.pubmatic.com
1    85.114.159.93 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
1    54.158.55.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-158-55-205.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    72.251.245.181 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
5    52.18.164.186 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-164-186.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    35.214.215.84 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 84.215.214.35.bc.googleusercontent.com
csync.loopme.me
3    104.22.25.87 (None, )

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
spl.zeotap.com
2    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel.onaudience.com
3    3.124.69.248 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-69-248.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    141.95.32.72 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-005.roqad.pl
ws.rqtrk.eu
1    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com
pixel-sync.sitescout.com
2    64.158.223.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams02-nessy-float2.dotomi.com
pubmatic-match.dotomi.com
1    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
Apex Domain
Subdomains		 Transfer
36 afr.com
www.afr.com — Cisco Umbrella Rank: 339222
api.afr.com — Cisco Umbrella Rank: 369870
1 MB
33 google.com
news.google.com — Cisco Umbrella Rank: 6407
adservice.google.com — Cisco Umbrella Rank: 121
region1.analytics.google.com — Cisco Umbrella Rank: 2787
www.google.com — Cisco Umbrella Rank: 2
play.google.com — Cisco Umbrella Rank: 40
82 KB
32 doubleclick.net
12281244.fls.doubleclick.net — Cisco Umbrella Rank: 218574
googleads.g.doubleclick.net — Cisco Umbrella Rank: 47
6633783.fls.doubleclick.net — Cisco Umbrella Rank: 459109
12393262.fls.doubleclick.net — Cisco Umbrella Rank: 222412
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209
ad.doubleclick.net — Cisco Umbrella Rank: 165
stats.g.doubleclick.net — Cisco Umbrella Rank: 98
cm.g.doubleclick.net — Cisco Umbrella Rank: 255
170 KB
31 ffx.io
static.ffx.io — Cisco Umbrella Rank: 126322
i.ffx.io — Cisco Umbrella Rank: 136308
l.ffx.io — Cisco Umbrella Rank: 334808
i-dev.ffx.io — Cisco Umbrella Rank: 527779
139 KB
24 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 568
image5.pubmatic.com — Cisco Umbrella Rank: 76245
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 553
image6.pubmatic.com — Cisco Umbrella Rank: 913
image2.pubmatic.com — Cisco Umbrella Rank: 1113
simage2.pubmatic.com — Cisco Umbrella Rank: 953
image4.pubmatic.com — Cisco Umbrella Rank: 1278
t.pubmatic.com — Cisco Umbrella Rank: 2802
simage4.pubmatic.com — Cisco Umbrella Rank: 1350
157 KB
16 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
fairfaxau.demdex.net — Cisco Umbrella Rank: 586647
nd.demdex.net — Cisco Umbrella Rank: 146083
21 KB
14 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 337
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 675
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1065
s.amazon-adsystem.com — Cisco Umbrella Rank: 330
73 KB
13 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 657
fastlane.rubiconproject.com — Cisco Umbrella Rank: 544
eus.rubiconproject.com — Cisco Umbrella Rank: 669
pixel.rubiconproject.com — Cisco Umbrella Rank: 402
19 KB
13 imrworldwide.com
secure-au.imrworldwide.com — Cisco Umbrella Rank: 38501
cdn-gl.imrworldwide.com — Cisco Umbrella Rank: 2527
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1948
secure-dcr.imrworldwide.com — Cisco Umbrella Rank: 2489
ramqgrikhxntouhb6dnnciyrg9ltu1694997204.nuid.imrworldwide.com
86 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 248
94 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 268
acdn.adnxs.com — Cisco Umbrella Rank: 649
23 KB
8 googlesyndication.com
a1288a54e242ac80cc9429eac75a7cd5.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
tpc.googlesyndication.com — Cisco Umbrella Rank: 152
42 KB
8 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1438
htlb.casalemedia.com — Cisco Umbrella Rank: 550
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 500
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 658
4 KB
8 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1408
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1562
ups.analytics.yahoo.com — Cisco Umbrella Rank: 349
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 478
3 KB
8 gstatic.com
www.gstatic.com
158 KB
7 piano.io
c2-au.piano.io — Cisco Umbrella Rank: 169795
buy-au.piano.io — Cisco Umbrella Rank: 190384
57 KB
7 cxense.com
cdn.cxense.com — Cisco Umbrella Rank: 5425
p1cluster.cxense.com — Cisco Umbrella Rank: 10434
comcluster.cxense.com — Cisco Umbrella Rank: 4967
id.cxense.com — Cisco Umbrella Rank: 11052
81 KB
7 google.de
www.google.de — Cisco Umbrella Rank: 5677
adservice.google.de — Cisco Umbrella Rank: 12355
2 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 117
401 B
5 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 628
3 KB
5 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 410
www.linkedin.com — Cisco Umbrella Rank: 692
5 KB
5 dotmetrics.net
au-script.dotmetrics.net — Cisco Umbrella Rank: 56053
rm-script.dotmetrics.net — Cisco Umbrella Rank: 6172
22 KB
4 adform.net
dmp.adform.net — Cisco Umbrella Rank: 3609
c1.adform.net — Cisco Umbrella Rank: 670
3 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 3003
3 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 639
eb2.3lift.com — Cisco Umbrella Rank: 433
dmpsync.3lift.com — Cisco Umbrella Rank: 19383
1 KB
4 oribi.io
cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1189
1 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 44
21 KB
4 nine.com.au
pixel.nine.com.au — Cisco Umbrella Rank: 177069
adc-js.nine.com.au — Cisco Umbrella Rank: 163022
adc.nine.com.au — Cisco Umbrella Rank: 157072
28 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 373
1 KB
3 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3529
spl.zeotap.com — Cisco Umbrella Rank: 3388
1 KB
3 qualtrics.com
zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com — Cisco Umbrella Rank: 544082
siteintercept.qualtrics.com — Cisco Umbrella Rank: 1080
26 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 406
793 B
3 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 23708
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 28417
897 B
3 moatads.com
z.moatads.com — Cisco Umbrella Rank: 671
mb.moatads.com — Cisco Umbrella Rank: 698
89 KB
3 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 914
platform.twitter.com — Cisco Umbrella Rank: 1154
1 KB
3 yimg.com
s.yimg.com — Cisco Umbrella Rank: 634
13 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 186
321 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1638
mab.chartbeat.com — Cisco Umbrella Rank: 2837
34 KB
2 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4301
744 B
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1314
1 KB
2 krxd.net
usermatch.krxd.net — Cisco Umbrella Rank: 2080
beacon.krxd.net — Cisco Umbrella Rank: 785
529 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 943
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 749
cdn.indexww.com — Cisco Umbrella Rank: 1773
2 KB
2 strangersponge.com
strangersponge.com — Cisco Umbrella Rank: 546236
853 B
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 151
20 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4482
617 B
2 everesttech.net
rtd-tm.everesttech.net — Cisco Umbrella Rank: 3390
680 B
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1169
1 KB
2 turn.com
d.turn.com — Cisco Umbrella Rank: 1527
ad.turn.com — Cisco Umbrella Rank: 1045
920 B
2 reddit.com
alb.reddit.com — Cisco Umbrella Rank: 1607
712 B
2 btloader.com
btloader.com — Cisco Umbrella Rank: 1098
api.btloader.com — Cisco Umbrella Rank: 1156
7 KB
2 t.co
t.co — Cisco Umbrella Rank: 590
493 B
2 parsely.com
cdn.parsely.com — Cisco Umbrella Rank: 3291
p1.parsely.com — Cisco Umbrella Rank: 2498
26 KB
2 igodigital.com
10510523.collect.igodigital.com — Cisco Umbrella Rank: 269909
nova.collect.igodigital.com — Cisco Umbrella Rank: 6918
3 KB
2 cloudfunctions.net
us-central1-adaptive-growth.cloudfunctions.net — Cisco Umbrella Rank: 3168
2 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 911
30 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 905
script.hotjar.com — Cisco Umbrella Rank: 1125
59 KB
2 licdn.com
snap.licdn.com — Cisco Umbrella Rank: 970
9 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 63
247 KB
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 873
187 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3717
352 B
1 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3366
400 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1104
225 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 620
1001 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 767
700 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1602
283 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 888
1 KB
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1784
524 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 15396
460 B
1 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 1691
298 B
1 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1465
181 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 582
650 B
1 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 971
266 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 928
592 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 641
363 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 635
482 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1173
418 B
1 adap.tv
sync.adap.tv — Cisco Umbrella Rank: 23980
361 B
1 tubemogul.com
rtd.tubemogul.com — Cisco Umbrella Rank: 8959
272 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 364
2 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1418
201 B
1 teenytinyshirt.com
teenytinyshirt.com — Cisco Umbrella Rank: 283731
24 KB
1 gscontxt.net
fairfaxmedia.gscontxt.net — Cisco Umbrella Rank: 223815
3 KB
1 omtrdc.net
fairfaxau.sc.omtrdc.net — Cisco Umbrella Rank: 869452
264 B
1 beyondwords.io
api.beyondwords.io — Cisco Umbrella Rank: 74969
598 B
1 bizographics.com
sjs.bizographics.com — Cisco Umbrella Rank: 43468
4 KB
1 pdst.fm
cdn.pdst.fm — Cisco Umbrella Rank: 3087
6 KB
1 weare8.com
pixel.weare8.com — Cisco Umbrella Rank: 315807
3 KB
1 evgnet.com
cdn.evgnet.com — Cisco Umbrella Rank: 4661
51 KB
1 redditstatic.com
www.redditstatic.com — Cisco Umbrella Rank: 1389
8 KB
1 9pub.io
adkit.9pub.io — Cisco Umbrella Rank: 255814
20 KB
1 tinypass.com
cdn.tinypass.com — Cisco Umbrella Rank: 6752
105 KB
1 cloudfront.net
d2uhnetoehh304.cloudfront.net
27 KB
340 93
Domain Requested by
24 www.afr.com www.afr.com
buy-au.piano.io
17 static.ffx.io www.afr.com
16 play.google.com www.gstatic.com
13 cm.g.doubleclick.net 11 redirects www.afr.com
13 dpm.demdex.net www.afr.com
ssum-sec.casalemedia.com
12 api.afr.com www.afr.com
10 cdnjs.cloudflare.com buy-au.piano.io
8 simage2.pubmatic.com ads.pubmatic.com
8 www.gstatic.com news.google.com
www.gstatic.com
8 ib.adnxs.com 5 redirects ads.pubmatic.com
acdn.adnxs.com
7 news.google.com www.afr.com
news.google.com
www.gstatic.com
6 buy-au.piano.io cdn.tinypass.com
buy-au.piano.io
6 www.facebook.com www.afr.com
6 i.ffx.io d2uhnetoehh304.cloudfront.net
6 cdn-gl.imrworldwide.com www.afr.com
cdn-gl.imrworldwide.com
secure-au.imrworldwide.com
5 match.prod.bidr.io 5 redirects
5 pixel.rubiconproject.com 3 redirects www.afr.com
5 s.amazon-adsystem.com 3 redirects ssum-sec.casalemedia.com
www.afr.com
5 aax-eu.amazon-adsystem.com 3 redirects ads.pubmatic.com
www.afr.com
5 token.rubiconproject.com 4 redirects www.afr.com
5 adservice.google.com www.afr.com
6633783.fls.doubleclick.net
12393262.fls.doubleclick.net
12281244.fls.doubleclick.net
5 ad.doubleclick.net 4 redirects www.afr.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 image2.pubmatic.com ads.pubmatic.com
4 i-dev.ffx.io d2uhnetoehh304.cloudfront.net
4 px.ads.linkedin.com 2 redirects www.afr.com
4 cdn.linkedin.oribi.io snap.licdn.com
4 cdn.cxense.com cdn.tinypass.com
cdn.cxense.com
4 www.google.com 1 redirects www.afr.com
tpc.googlesyndication.com
4 www.google.de www.afr.com
6633783.fls.doubleclick.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.afr.com
4 l.ffx.io www.afr.com
4 au-script.dotmetrics.net www.afr.com
au-script.dotmetrics.net
3 x.bidswitch.net 3 redirects
3 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
3 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
3 match.adsrvr.org ads.pubmatic.com
ssum-sec.casalemedia.com
www.afr.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 ups.analytics.yahoo.com 2 redirects
3 secure-gl.imrworldwide.com 1 redirects secure-au.imrworldwide.com
www.afr.com
3 adservice.google.de 1 redirects adservice.google.com
3 ads.pubmatic.com adkit.9pub.io
ads.pubmatic.com
3 c.amazon-adsystem.com adkit.9pub.io
c.amazon-adsystem.com
3 securepubads.g.doubleclick.net www.afr.com
securepubads.g.doubleclick.net
3 s.yimg.com www.afr.com
s.yimg.com
3 connect.facebook.net www.afr.com
connect.facebook.net
3 6633783.fls.doubleclick.net 1 redirects www.googletagmanager.com
adservice.google.com
2 pubmatic-match.dotomi.com 2 redirects
2 uipglob.semasio.net 1 redirects
2 mwzeom.zeotap.com
2 dmpsync.3lift.com 2 redirects
2 siteintercept.qualtrics.com zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com
siteintercept.qualtrics.com
2 pr-bh.ybp.yahoo.com 1 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 cr.frontend.weborama.fr 2 redirects
2 ssum-sec.casalemedia.com js-sec.indexww.com
ssum-sec.casalemedia.com
2 eus.rubiconproject.com ads.pubmatic.com
eus.rubiconproject.com
2 strangersponge.com teenytinyshirt.com
2 adc.nine.com.au adc-js.nine.com.au
2 www.googleadservices.com 6633783.fls.doubleclick.net
www.googleadservices.com
2 secure-dcr.imrworldwide.com www.afr.com
2 ads.playground.xyz ads.pubmatic.com
www.afr.com
2 ssum.casalemedia.com 2 redirects
2 rtd-tm.everesttech.net 2 redirects
2 ad-delivery.net www.afr.com
2 image5.pubmatic.com 2 redirects
2 sp.analytics.yahoo.com www.afr.com
2 alb.reddit.com www.afr.com
2 z.moatads.com adkit.9pub.io
z.moatads.com
2 nd.demdex.net www.afr.com
2 stats.g.doubleclick.net www.googletagmanager.com
www.google-analytics.com
2 analytics.twitter.com www.afr.com
2 t.co www.afr.com
2 us-central1-adaptive-growth.cloudfunctions.net cdn.pdst.fm
2 static.ads-twitter.com www.googletagmanager.com
www.afr.com
2 12393262.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 snap.licdn.com www.googletagmanager.com
snap.licdn.com
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 12281244.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 static.chartbeat.com www.googletagmanager.com
www.afr.com
2 www.googletagmanager.com www.afr.com
www.googletagmanager.com
1 ad.turn.com 1 redirects
1 pixel-sync.sitescout.com
1 ws.rqtrk.eu 1 redirects
1 spl.zeotap.com 1 redirects
1 pixel.onaudience.com 1 redirects
1 csync.loopme.me 1 redirects
1 bh.contextweb.com 1 redirects
1 rtb-csync.smartadserver.com 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 sync.srv.stackadapt.com 1 redirects
1 dsp.adfarm1.adition.com 1 redirects
1 simage4.pubmatic.com ads.pubmatic.com
1 t.pubmatic.com ads.pubmatic.com
1 dmp.v.fwmrm.net
1 beacon.krxd.net
1 usermatch.krxd.net 1 redirects
1 pixel.advertising.com 1 redirects
1 zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com www.afr.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 ads.stickyadstv.com ssum-sec.casalemedia.com
1 id.cxense.com cdn.cxense.com
1 comcluster.cxense.com cdn.cxense.com
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 p1cluster.cxense.com cdn.cxense.com
1 a1288a54e242ac80cc9429eac75a7cd5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 eb2.3lift.com ads.pubmatic.com
1 acdn.adnxs.com ads.pubmatic.com
1 js-sec.indexww.com ads.pubmatic.com
1 static.adsafeprotected.com www.afr.com
1 platform.twitter.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 ps.eyeota.net 1 redirects
1 ramqgrikhxntouhb6dnnciyrg9ltu1694997204.nuid.imrworldwide.com www.afr.com
1 htlb.casalemedia.com ads.pubmatic.com
1 hbopenbid.pubmatic.com ads.pubmatic.com
1 fastlane.rubiconproject.com ads.pubmatic.com
1 tlx.3lift.com ads.pubmatic.com
1 sync.adap.tv 1 redirects
1 rtd.tubemogul.com 1 redirects
1 api.btloader.com btloader.com
1 cdn.jsdelivr.net ads.pubmatic.com
1 p1.parsely.com www.afr.com
1 nova.collect.igodigital.com www.afr.com
1 mb.moatads.com z.moatads.com
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 rm-script.dotmetrics.net www.afr.com
1 d.turn.com 1 redirects
1 www.linkedin.com 1 redirects
1 c2-au.piano.io cdn.tinypass.com
1 ping.chartbeat.net www.afr.com
1 mab.chartbeat.com static.chartbeat.com
1 teenytinyshirt.com www.afr.com
1 fairfaxmedia.gscontxt.net adkit.9pub.io
1 fairfaxau.sc.omtrdc.net www.afr.com
1 fairfaxau.demdex.net www.afr.com
1 btloader.com adkit.9pub.io
1 region1.analytics.google.com www.googletagmanager.com
1 cdn.parsely.com www.googletagmanager.com
1 10510523.collect.igodigital.com www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 api.beyondwords.io www.afr.com
1 adc-js.nine.com.au www.afr.com
1 secure-au.imrworldwide.com 1 redirects
1 sjs.bizographics.com www.afr.com
1 pixel.nine.com.au www.afr.com
1 cdn.pdst.fm www.afr.com
1 pixel.weare8.com www.afr.com
1 cdn.evgnet.com www.googletagmanager.com
1 static.hotjar.com www.afr.com
1 www.redditstatic.com www.googletagmanager.com
1 adkit.9pub.io www.afr.com
1 cdn.tinypass.com www.afr.com
1 d2uhnetoehh304.cloudfront.net www.afr.com
340 162
Subject Issuer Validity Valid
nine.com.au
COMODO RSA Organization Validation Secure Server CA		 2022-11-21 -
2023-11-21		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-08-13 -
2024-08-12		 a year crt.sh
*.news.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.9pub.io
Amazon RSA 2048 M01		 2023-02-28 -
2024-03-27		 a year crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
www.redditstatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-25 -
2024-02-21		 6 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
snap.licdn.com
DigiCert SHA2 Secure Server CA		 2023-02-01 -
2024-01-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-06-27 -
2023-09-25		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-14 -
2023-10-04		 2 months crt.sh
cdn.evergage.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-06 -
2024-03-04		 a year crt.sh
pixel-prod.prod.aws.the8app.com
Amazon RSA 2048 M02		 2023-02-24 -
2024-02-15		 a year crt.sh
cdn.pdst.fm
GTS CA 1D4		 2023-07-25 -
2023-10-23		 3 months crt.sh
pixel.nine.com.au
Amazon RSA 2048 M02		 2023-02-10 -
2023-11-29		 10 months crt.sh
ads-twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-21 -
2024-07-19		 a year crt.sh
js.bizographics.com
DigiCert SHA2 Secure Server CA		 2023-08-10 -
2024-08-09		 a year crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-03 -
2024-02-03		 a year crt.sh
*.api.nine.com.au
Amazon RSA 2048 M02		 2023-06-16 -
2024-07-14		 a year crt.sh
*.dotmetrics.net
Amazon RSA 2048 M02		 2023-08-23 -
2024-09-20		 a year crt.sh
t.brisbanetimes.com.au
GTS CA 1D4		 2023-08-06 -
2023-11-04		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.pe-observability-01a.apse2.k8s.ninetech.dev
Amazon RSA 2048 M01		 2022-11-16 -
2023-12-15		 a year crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
*.collect.igodigital.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-01-13		 a year crt.sh
*.parsely.com
Amazon RSA 2048 M02		 2023-05-06 -
2024-06-03		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-14 -
2023-11-14		 a year crt.sh
*.twitter.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-02 -
2024-09-01		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-03-08		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.gscontxt.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-08 -
2023-12-08		 a year crt.sh
teenytinyshirt.com
R3		 2023-09-09 -
2023-12-08		 3 months crt.sh
*.reddit.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-01 -
2024-02-28		 6 months crt.sh
www.google.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
*.cxense.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-13		 a year crt.sh
piano.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
linkedin.oribi.io
Amazon RSA 2048 M01		 2023-06-08 -
2024-07-07		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-06-20 -
2024-07-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-30 -
2023-11-22		 6 months crt.sh
api.btloader.com
GTS CA 1D4		 2023-08-11 -
2023-11-09		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
ads.playground.xyz
GTS CA 1D4		 2023-08-05 -
2023-11-03		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.nuid.imrworldwide.com
Amazon RSA 2048 M01		 2023-04-12 -
2024-05-10		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
t-dev.brisbanetimes.com.au
GTS CA 1D4		 2023-09-10 -
2023-12-09		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
strangersponge.com
R3		 2023-08-13 -
2023-11-11		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
d.adroll.com
Amazon RSA 2048 M01		 2022-11-08 -
2023-12-07		 a year crt.sh
*.qualtrics.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-27 -
2024-03-26		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-08-14 -
2023-11-06		 3 months crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh

This page contains 41 frames:

Primary Page: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Frame ID: B61891630AA356FE809F6C6D499B0D8B
Requests: 184 HTTP requests in this frame

Frame: https://12281244.fls.doubleclick.net/activityi;dc_pre=CL6b2NH0soEDFZMPogMd_-MLug;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Frame ID: 0E5A20EF2DE61E3FA20D6C127B4B0E72
Requests: 1 HTTP requests in this frame

Frame: https://6633783.fls.doubleclick.net/activityi;dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Frame ID: 74428BBB4C718397C9015620B552BE52
Requests: 1 HTTP requests in this frame

Frame: https://12393262.fls.doubleclick.net/activityi;dc_pre=CO--2dH0soEDFTIKogMd82wIqQ;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=4380897403320.9736
Frame ID: F39E64C1AA690EAD1770578D75AAFA3C
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/z/src=6633783;dc_pre=CKmH4dH0soEDFTJQHgIdydoHDA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9956327951298.191
Frame ID: 08C461438856B35FB3497FF8F6AF1BF9
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Frame ID: B1C09278390F3A2ED985DFD0395D3CC6
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CO--2dH0soEDFTIKogMd82wIqQ;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=4380897403320.9736;~oref=https://www.afr.com/
Frame ID: 14181DBF7D4C18A18FEB6E491A6BD6AC
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CL6b2NH0soEDFZMPogMd_-MLug;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Frame ID: DBB63D13EFE232A2592E2C67F6D71F87
Requests: 1 HTTP requests in this frame

Frame: https://fairfaxau.demdex.net/dest5.html?d_nsid=0
Frame ID: B1912F035D9C94B1F20AB3C8F0E4D586
Requests: 11 HTTP requests in this frame

Frame: https://6633783.fls.doubleclick.net/ddm/fls/r/dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Frame ID: 3B204510BE4E15544EBFADDEAA058306
Requests: 4 HTTP requests in this frame

Frame: https://news.google.com/swg/ui/v1/serviceiframe?_=1694997204090&sut=Ab9pFDa6gR6y0aokdS65ppocRmQygjtySSWiHCDEwskPh7YfU%2BAkfCs2uN9PxNql5B39WI0Bx1o64GmmP99vMg3irG8SrJ2%2FgZcP7ArkTkT9YIfhTw%3D%3D&publicationId=afr.com
Frame ID: A07C69D0CC7428E0E8C186DFC33A389A
Requests: 19 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CL6b2NH0soEDFZMPogMd_-MLug;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Frame ID: 06B7F23424C7C17052F3F315771CB7E7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CO--2dH0soEDFTIKogMd82wIqQ;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=4380897403320.9736;~oref=https://www.afr.com/
Frame ID: 41A6C45DD08359643D1CB8E11CE34531
Requests: 1 HTTP requests in this frame

Frame: https://secure-gl.imrworldwide.com/storageframe.html
Frame ID: A95718525BA4725DF0058CFA24AD69E3
Requests: 1 HTTP requests in this frame

Frame: https://z.moatads.com/hd09824092/iframe.html
Frame ID: 05DB5BE86994218A45BF56A21988D10C
Requests: 1 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: 2F6AC27923F60D165E2D2287CCC908F8
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 0E11252EFC6161A3D08CF0F02E016EA6
Requests: 1 HTTP requests in this frame

Frame: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Frame ID: 5A178868E17590B86FAF050F528DE266
Requests: 17 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A7F29293A2B8DAEC1576372EFBC0D435
Requests: 1 HTTP requests in this frame

Frame: https://cdn.cxense.com/sp1.html
Frame ID: 57BB61E5CE2D04FBCD276DFDB12F2DA0
Requests: 4 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 858A9B5B412D7C17DF6F88C40E2A5F1A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 87F3E3DCA665DA41F670EECBE110B2B4
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4A3C5B962CABDF794846E08D0EC6CCEB
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Frame ID: A72958A9D5A5B859D8B6102994DFEF44
Requests: 22 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: E84AC2DAC3E2CE39019F2C90CC9CF46A
Requests: 1 HTTP requests in this frame

Frame: https://a1288a54e242ac80cc9429eac75a7cd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D54F6FCF2D7A678383A3BB01E7966A99
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.afr.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 4585D4D359987F5BBB65BDFDF246EEA1
Requests: 10 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 450EBAACF8264FA151A46F73E5618D81
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CDF5C54A-BB13-4947-92D2-11543465E1E7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 01FB7A1B52417617F8D80EC51315997F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=i2d9SoQzKUuQM3xKhDdgRIllek2QMy4b22aNrhBx
Frame ID: B025BF47159026DD779417408DB1051F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8386155878032714811&gdpr=0&gdpr_consent=
Frame ID: 2949B272B173BED6037621CCAC11BDFE
Requests: 1 HTTP requests in this frame

Frame: https://adc.nine.com.au/?appNexusUid=8386155878032714811
Frame ID: AAEBC2EF9CB611FC62134DFEBF65AAD4
Requests: 1 HTTP requests in this frame

Frame: https://nd.demdex.net/dest5.html?d_nsid=0
Frame ID: 57843D5B9DA3A3ABD7B37583FCC5ADC3
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8973F2EABC9AED6728B647D0AEA3C2B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9C16C68EBF6BC166207E71B0F7330E3E
Requests: 2 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=CDF5C54A-BB13-4947-92D2-11543465E1E7&gdpr=0&gdpr_consent=
Frame ID: B47AEF547D61742E2F29A77CB962CF0B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7279957579472828575&gdpr=0&gdpr_consent=
Frame ID: D41BD1860A5515D1B9B45D79E54630A7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=R6TbO2zbXx9XRAzvoIhtuLBz7MU&gdpr=0&gdpr_consent=
Frame ID: 74ACBC6D373FFE26CBE8284AEEAE0B3D
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 50C324FD166D7C4BD8890EF96F3E5C79
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAG9yE7KDzYAACaQhQCtCQ&gdpr=0&gdpr_consent=
Frame ID: 2242212A9F377EDF4574113DC5E8E7AF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 677025F616F3F6F91FAF52FC55AE58B5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

APRA hits Medibank Private with extra $250 million capital requirement after hack attackThe Australian Financial ReviewClose menuSearchExpandExpandExpandExpandExpandExpandExpandExpandExpandExpandExpandThe Australian Financial ReviewTwitterInstagramLinkedInFacebook

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+(?:-?rc[.\d]*)*)/angular(?:\.min)?\.js
  • \bangular.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • require.*\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/
Overall confidence: 100%
Detected patterns
  • snap\.licdn\.com/li\.lms-analytics/insight\.min\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

340
Requests

87 %
HTTPS

0 %
IPv6

93
Domains

162
Subdomains

118
IPs

9
Countries

3747 kB
Transfer

11367 kB
Size

142
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37
  • https://12281244.fls.doubleclick.net/activityi;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph HTTP 302
  • https://12281244.fls.doubleclick.net/activityi;dc_pre=CL6b2NH0soEDFZMPogMd_-MLug;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Request Chain 40
  • https://6633783.fls.doubleclick.net/activityi;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph HTTP 302
  • https://6633783.fls.doubleclick.net/activityi;dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Request Chain 45
  • https://12393262.fls.doubleclick.net/activityi;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=4380897403320.9736 HTTP 302
  • https://12393262.fls.doubleclick.net/activityi;dc_pre=CO--2dH0soEDFTIKogMd82wIqQ;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=4380897403320.9736
Request Chain 52
  • https://secure-au.imrworldwide.com/v60.js HTTP 301
  • https://cdn-gl.imrworldwide.com/v60.js
Request Chain 71
  • https://ad.doubleclick.net/ddm/activity/src=6633783;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9956327951298.191 HTTP 302
  • https://ad.doubleclick.net/ddm/activity/src=6633783;dc_pre=CKmH4dH0soEDFTJQHgIdydoHDA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9956327951298.191 HTTP 302
  • https://adservice.google.com/ddm/fls/z/src=6633783;dc_pre=CKmH4dH0soEDFTJQHgIdydoHDA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9956327951298.191
Request Chain 108
  • https://adservice.google.de/ddm/fls/i/dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph HTTP 302
  • https://6633783.fls.doubleclick.net/ddm/fls/r/dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Request Chain 116
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1694997204175&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1694997204175&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&cookiesTest=true HTTP 302
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D9724%252C3519914%26time%3D1694997204175%26url%3Dhttps%253A%252F%252Fwww.afr.com%252Fcompanies%252Ffinancial-services%252Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1694997204175&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&cookiesTest=true&liSync=true
Request Chain 121
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=8386155878032714811
Request Chain 125
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4608482896472353189
Request Chain 140
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=466%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=466&dpuuid=%s
Request Chain 145
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDE1ODg4ODY5MTM2Mzc1ODUxOTIzMjY1NDQ0NTI0ODY0NDQ1Mzk= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGzJX395Bor6gk1MrQ1ekeQ&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 154
  • https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://rtd-tm.everesttech.net/ct/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D&_test=ZQea1AALbjnM9gBT HTTP 302
  • https://dpm.demdex.net/ibs:dpid=782&dpuuid=ZQea1AALbjnM9gBT
Request Chain 155
  • https://sync.adap.tv/demdex_user_sync HTTP 302
  • https://dpm.demdex.net/ibs:dpid=832&dpuuid=EUX4367884955724075217
Request Chain 156
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1694997204634&ci=f2&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&sr=1600x1200&id=lstrg-476c72fdf8e7d04369248b4b213d34cd&tz=2 HTTP 302
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1694997204634&ci=f2&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&sr=1600x1200&id=lstrg-476c72fdf8e7d04369248b4b213d34cd&tz=2&ja=1
Request Chain 157
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZQea1FM-epu7ZJhQ4FVnlAAA%262180
Request Chain 167
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=41588886913637585192326544452486444539&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Request Chain 168
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=41588886913637585192326544452486444539&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=41588886913637585192326544452486444539&gdpr=0&gdpr_consent= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-EsDGMtNE2pFb_8wNtptlbJD4qtMtdTXiz1U-~A
Request Chain 185
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js
Request Chain 187
  • https://ad.doubleclick.net/activity;src=6633783;type=afrpa0;cat=paywall;ord=7237171591133;auiddc=120844633.1694997203;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2 HTTP 302
  • https://ad.doubleclick.net/activity;dc_pre=COnFr9L0soEDFf9GHgIdbDEBrA;src=6633783;type=afrpa0;cat=paywall;ord=7237171591133;auiddc=120844633.1694997203;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2 HTTP 302
  • https://adservice.google.com/ddm/fls/z/dc_pre=COnFr9L0soEDFf9GHgIdbDEBrA;src=6633783;type=afrpa0;cat=paywall;ord=7237171591133;auiddc=*;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2
Request Chain 215
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820867966/?random=916217030&cv=9&fst=1694997205009&num=1&npa=1&label=ri7tCKuy44UYEP7mtYcD&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6633783.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKjl2NH0soEDFfUOogMd-EoGAw%3Bsrc%3D6633783%3Btype%3Dafral0%3Bcat%3Dau_af0%3Bord%3D9155367430304%3Bauiddc%3D120844633.1694997203%3Bu1%3Dhttps%253A%252F%252Fwww.afr.com%252Fcompanies%252Ffinancial-services%252Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph%3Bu7%3Dundefined%3Bu8%3Dcompanies%3Bu9%3DLucas%2520Baird%3Bu10%3DCybersecurity%2520(Editorial%2520use)%3Bu11%3Dvisitor%3Bu21%3DAPRA%2520hits%2520Medibank%2520Private%2520with%2520extra%2520%2524250%2520million%2520capital%2520requirement%2520after%2520hack%2520attack%3Bgtm%3D45He&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=1ZoHZeW-AcyA7_UP6r-H-Ao&sscte=1&crd=CKG4sQI&pscrd=IhMIpf2z0vSygQMVTMC7CB3q3wGv HTTP 302
  • https://www.google.com/pagead/1p-conversion/820867966/?random=916217030&cv=9&fst=1694997205009&num=1&npa=1&label=ri7tCKuy44UYEP7mtYcD&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6633783.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKjl2NH0soEDFfUOogMd-EoGAw%3Bsrc%3D6633783%3Btype%3Dafral0%3Bcat%3Dau_af0%3Bord%3D9155367430304%3Bauiddc%3D120844633.1694997203%3Bu1%3Dhttps%253A%252F%252Fwww.afr.com%252Fcompanies%252Ffinancial-services%252Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph%3Bu7%3Dundefined%3Bu8%3Dcompanies%3Bu9%3DLucas%2520Baird%3Bu10%3DCybersecurity%2520(Editorial%2520use)%3Bu11%3Dvisitor%3Bu21%3DAPRA%2520hits%2520Medibank%2520Private%2520with%2520extra%2520%2524250%2520million%2520capital%2520requirement%2520after%2520hack%2520attack%3Bgtm%3D45He&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=IhMIpf2z0vSygQMVTMC7CB3q3wGv&is_vtc=1&ocp_id=1ZoHZeW-AcyA7_UP6r-H-Ao&cid=CAQSKQBpAlJWwrKu3Jc-SzgmMeBxQNNq1uu22CXzfR5r8muzIqGCQvoxcjt6&random=3733983322&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/820867966/?random=916217030&cv=9&fst=1694997205009&num=1&npa=1&label=ri7tCKuy44UYEP7mtYcD&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6633783.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKjl2NH0soEDFfUOogMd-EoGAw%3Bsrc%3D6633783%3Btype%3Dafral0%3Bcat%3Dau_af0%3Bord%3D9155367430304%3Bauiddc%3D120844633.1694997203%3Bu1%3Dhttps%253A%252F%252Fwww.afr.com%252Fcompanies%252Ffinancial-services%252Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph%3Bu7%3Dundefined%3Bu8%3Dcompanies%3Bu9%3DLucas%2520Baird%3Bu10%3DCybersecurity%2520(Editorial%2520use)%3Bu11%3Dvisitor%3Bu21%3DAPRA%2520hits%2520Medibank%2520Private%2520with%2520extra%2520%2524250%2520million%2520capital%2520requirement%2520after%2520hack%2520attack%3Bgtm%3D45He&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=IhMIpf2z0vSygQMVTMC7CB3q3wGv&is_vtc=1&ocp_id=1ZoHZeW-AcyA7_UP6r-H-Ao&cid=CAQSKQBpAlJWwrKu3Jc-SzgmMeBxQNNq1uu22CXzfR5r8muzIqGCQvoxcjt6&random=3733983322&resp=GooglemKTybQhCsO&ipr=y
Request Chain 258
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID HTTP 302
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=8386155878032714811
Request Chain 267
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CDF5C54A-BB13-4947-92D2-11543465E1E7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CDF5C54A-BB13-4947-92D2-11543465E1E7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 268
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=i2d9SoQzKUuQM3xKhDdgRIllek2QMy4b22aNrhBx
Request Chain 269
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8386155878032714811&gdpr=0&gdpr_consent=
Request Chain 270
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zfXFSrsTSUeS0hFUNGXh5w%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 272
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2263123401 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=CDF5C54A-BB13-4947-92D2-11543465E1E7
Request Chain 273
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CDF5C54A-BB13-4947-92D2-11543465E1E7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MDlibzJWQUJsUkhSVENrM25MaVBuNFZvUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=6271803876878150225&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0RGNUM1NEEtQkIxMy00OTQ3LTkyRDItMTE1NDM0NjVFMUU3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 275
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENnNfKE0Og8N1k2f64dNqsg&google_cver=1
Request Chain 277
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6271803876878150225
Request Chain 279
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CDF5C54A-BB13-4947-92D2-11543465E1E7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lacuCXNE2uUdxc9p3YPf5xMoXrYTvaQ-~A&gdpr=0
Request Chain 283
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZQea1FM-epu7ZJhQ4FVnlAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENEdTqjG80k0fGo7SYMtEGQ&google_cver=1
Request Chain 285
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQea1FM_epu7ZJhQ4FVnlAAACIQAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQea1FM_epu7ZJhQ4FVnlAAACIQAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 286
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQea1FM_epu7ZJhQ4FVnlAAACIQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPDhwXPiwxzxgDo2ENO4p1U&google_cver=1
Request Chain 290
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C2D24AE7E4E444D8A5246B5DBF49D660
Request Chain 292
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1PNUtMOU4tMVMtQUcxSQ== HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDogaxU1RhMozoSL46CC8TY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1PNUtMOU4tMVMtQUcxSQ==&google_push=
Request Chain 293
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMO5KL9N-1S-AG1I
Request Chain 294
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PL_oWRO0TTOfoP8eyojbxw&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PL_oWRO0TTOfoP8eyojbxw
Request Chain 295
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWEyNmUxMzBiZjBmNzIwZGUxNDM1ZWVmNGVhNGM3OWIzMDQzMmUyNw
Request Chain 296
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGaWzjJbwsJ5l12LOFDoSuM&google_cver=1
Request Chain 297
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=EyOpp4-WRz2wksjF3M402w&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=EyOpp4-WRz2wksjF3M402w
Request Chain 298
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gLP0HVBKQwey-YgDCmDKlMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-56jFFDdE2oJNdYIMcIW01BQ6ZX0O8JY3w1WYBQ--~A
Request Chain 300
  • https://ib.adnxs.com/getuid?https://adc.nine.com.au?appNexusUid=$UID HTTP 302
  • https://adc.nine.com.au/?appNexusUid=8386155878032714811
Request Chain 304
  • https://pixel.advertising.com/ups/28/sync?uid=41744988649025680772310364721195617473&_origin=1&redir=true HTTP 301
  • https://ups.analytics.yahoo.com/ups/28/sync?uid=41744988649025680772310364721195617473&_origin=1&redir=true
Request Chain 306
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=CDF5C54A-BB13-4947-92D2-11543465E1E7
Request Chain 308
  • https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://dpm.demdex.net/ibs:dpid=72352&dpuuid=2767998857146342851947&gdpr=0&gdpr_consent=
Request Chain 310
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=41744988649025680772310364721195617473 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=41744988649025680772310364721195617473
Request Chain 327
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7279957579472828575&gdpr=0&gdpr_consent=
Request Chain 328
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=R6TbO2zbXx9XRAzvoIhtuLBz7MU&gdpr=0&gdpr_consent=
Request Chain 330
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHOXlFN0tEellBQUNhUWhRQ3RDUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAG9yE7KDzYAACaQhQCtCQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4502263201551589807&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAG9yE7KDzYAACaQhQCtCQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4502263201551589807%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4502263201551589807&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAG9yE7KDzYAACaQhQCtCQ&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAG9yE7KDzYAACaQhQCtCQ&gdpr=0&gdpr_consent=
Request Chain 331
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 333
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CDF5C54A-BB13-4947-92D2-11543465E1E7&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CDF5C54A-BB13-4947-92D2-11543465E1E7&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 334
  • https://pixel.onaudience.com/?partner=214&mapped=CDF5C54A-BB13-4947-92D2-11543465E1E7&gdpr=0&gdpr_consent= HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=b6ab99630b730c59 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2566843b-0762-4583-7976-d44100bd95a9&reqId=f6cc24f9-aa8f-4fde-7435-3a0c1dce3349&zcluid=b6ab99630b730c59&zdid=1332 HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEFejQA_paZXeqbQaMYbcH0E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2566843b-0762-4583-7976-d44100bd95a9&reqId=f6cc24f9-aa8f-4fde-7435-3a0c1dce3349&zcluid=b6ab99630b730c59&zdid=1332
Request Chain 336
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8d425a76-d1c4-476e-b962-ec93a2e8c69f&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 338
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CDF5C54A-BB13-4947-92D2-11543465E1E7&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7be5fc9b137c1669&is_secure=true&networkId=17100&version=1&nuid=CDF5C54A-BB13-4947-92D2-11543465E1E7&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH9jeurEIDAAMj2Sh2AAAAAAA&expiration=1695083609&nuid=CDF5C54A-BB13-4947-92D2-11543465E1E7&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 339
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4608482896472353189&gdpr=0&gdpr_consent=&us_privacy=

340 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
www.afr.com/companies/financial-services/ 		181 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f5b77486edd5891eb9ea5bf42880b5c8e241492197b75107dc385a422afe4074
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
accept-ranges
bytes
age
0
cache-control
public, max-age=30
content-encoding
gzip
content-length
44849
content-type
text/html; charset=utf-8
date
Mon, 18 Sep 2023 00:33:22 GMT
etag
W/"2d389-FqDi8og1iDDx5jX8dzZozlJsgiE"
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
strict-transport-security
max-age=31536000
uber-trace-id
6584bfbe0fe9d107:6584bfbe0fe9d107:0:0
vary
Accept-Encoding
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache
MISS, MISS, MISS
x-cache-hits
0, 0, 0
x-frame-options
sameorigin
x-served-by
cache-syd10135-SYD, cache-syd10135-SYD, cache-fra-eddf8230039-FRA
x-timer
S1694997203.640003,VS0,VE60
x-varnish-grace
none(fetch fresh)
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		527 KB
167 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
c05d74cd2d25f8071e3227bd2f4800ee82c5e20af4336403ac5cf3b0177c2606
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170008
x-xss-protection
0
last-modified
Mon, 18 Sep 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Mon, 18 Sep 2023 00:33:23 GMT
sp.js
d2uhnetoehh304.cloudfront.net/2.18.2/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2uhnetoehh304.cloudfront.net/2.18.2/sp.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-71.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e60566140391e341c2fb0139d6a36214cc68a132acfb259cfbeabe5fc5c3790f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
JFn9oWi_80iJDSpl5A8l2vLm9haS4_nx
content-encoding
gzip
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
date
Sun, 17 Sep 2023 00:38:48 GMT
last-modified
Wed, 14 Jun 2023 00:43:54 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
86080
x-amz-server-side-encryption
AES256
etag
W/"0a624c4cf1d03d57f36c0054aa6db9a8"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
_Qm7Folsgvw7ICJDWRgXlUL6Ta4MHEV38ngXz6v0OqLahH1HVCRvew==
tinypass.min.js
cdn.tinypass.com/api/ 		354 KB
105 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tinypass.com/api/tinypass.min.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.223.248 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a276d307b627cb4b6c187aa5a3249b1df36c36e455c5d024dee3825a82179f2
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:23 GMT
x-amz-version-id
7h97hANchjW.gOEyWhERYLHqBS08YMoj
content-encoding
br
cf-cache-status
HIT
strict-transport-security
max-age=86400; includeSubDomains
x-amz-request-id
D3PGRV9122EZFKG1
age
5576
x-amz-server-side-encryption
AES256
x-amz-replication-status
REPLICA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ZPoWjYRwSqhGNHzMygncOZXcNZ+S+Xb7ps5APhIeXlGZdN92S9+tauk8AWgYHTa2B7kb2u3nSjk=
last-modified
Tue, 12 Sep 2023 04:38:56 GMT
server
cloudflare
etag
W/"2d0f71117f21d67a1053abf4e5a11351"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
80857f481b39bc03-FRA
expires
Mon, 18 Sep 2023 04:33:23 GMT
3d04c913526cf7025a2924051fcc8d34be0d0adf
static.ffx.io/images/$width_140%2C$height_140/t_crop_fill%2Cq_auto:best%2Cfl_any_format/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$width_140%2C$height_140/t_crop_fill%2Cq_auto:best%2Cfl_any_format/3d04c913526cf7025a2924051fcc8d34be0d0adf
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
e259ce5f9c5928acd8a4814950b7085ce5519c2ca9fc97cc1131fbcb434160cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:22 GMT
via
1.1 varnish, 1.1 varnish
age
1710601
edge-cache-tag
387435081334299528811599256101346320330,232319851822536097488195099314647301223,5f5f4219172da4ec8104790896b11172
cache-tag
387435081334299528811599256101346320330,232319851822536097488195099314647301223,5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
content-length
8551
x-served-by
cache-fra-eddf8230104-FRA, cache-fra-eddf8230039-FRA
x-cld-skey
387435081334299528811599256101346320330 232319851822536097488195099314647301223 5f5f4219172da4ec8104790896b11172
last-modified
Fri, 26 Mar 2021 03:02:58 GMT
server
cloudinary
x-timer
S1694997203.913692,VS0,VE1
etag
"a4097f8cd8b1ac2c6ed2f3c733ebd465"
vary
User-Agent
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
0abb9f1c37c8d3f11468789ad52ec63128045a76
static.ffx.io/images/$zoom_0.113%2C$multiply_4%2C$ratio_1.5%2C$width_756%2C$x_0%2C$y_0/t_crop_custom/c_scale%2Cw_620%2Cq_88%2Cf_auto/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_0.113%2C$multiply_4%2C$ratio_1.5%2C$width_756%2C$x_0%2C$y_0/t_crop_custom/c_scale%2Cw_620%2Cq_88%2Cf_auto/0abb9f1c37c8d3f11468789ad52ec63128045a76
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
37f85b3c01741cf3d709e5049947055cc6240e11409e03d5b183d469e231ee4b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:23 GMT
via
1.1 varnish, 1.1 varnish
age
0
edge-cache-tag
319937532674631485387802343821660138360,421064088620009797476647094899122521242,5f5f4219172da4ec8104790896b11172
cache-tag
319937532674631485387802343821660138360,421064088620009797476647094899122521242,5f5f4219172da4ec8104790896b11172
x-cache
MISS, MISS
content-disposition
inline; filename="0abb9f1c37c8d3f11468789ad52ec63128045a76.webp"
content-length
19520
x-cld-skey
319937532674631485387802343821660138360 421064088620009797476647094899122521242 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-etou8220059-FRA, cache-fra-eddf8230039-FRA
last-modified
Mon, 26 Jun 2023 22:34:11 GMT
server
cloudinary
surrogate-reporting
width=620,height=413,owidth=6708,oheight=4472,obytes=19645205
x-timer
S1694997203.913704,VS0,VE655
etag
"ec20d175550b22df927756a4f98ac0c2"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0
appstore.png
www.afr.com/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.afr.com/appstore.png
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c84d6be661d4efada7e358aa83934aee338445a6234e143a750fd135655a5c46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 18 Sep 2023 00:33:22 GMT
age
80043
uber-trace-id
58e6441bcc4a78d2:58e6441bcc4a78d2:0:0
x-cache
MISS, HIT, HIT
content-length
5188
x-served-by
cache-syd10140-SYD, cache-syd10140-SYD, cache-fra-eddf8230039-FRA
last-modified
Fri, 15 Sep 2023 05:51:46 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694830759.923445,VS0,VE12
etag
W/"1444-18a97653150"
x-frame-options
sameorigin
content-type
image/png
cache-control
public, max-age=86400
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 2, 2
google-play.png
www.afr.com/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.afr.com/google-play.png
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
df261a1ac56bde3337a39865654b5421ffde8088ae3bea83b628c8c573d46875
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 18 Sep 2023 00:33:22 GMT
age
2495
uber-trace-id
53452b6a0d467be:53452b6a0d467be:0:0
x-cache
MISS, HIT, HIT
content-length
8489
x-served-by
cache-syd10144-SYD, cache-syd10144-SYD, cache-fra-eddf8230039-FRA
last-modified
Sun, 17 Sep 2023 23:10:05 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694994707.986927,VS0,VE8
etag
W/"2129-18aa56884c8"
x-frame-options
sameorigin
content-type
image/png
cache-control
public, max-age=86400
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 17, 2
vendorsReactRedux_client.e9225c7503a64f9fe764.chunk.js
www.afr.com/assets/ 		162 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/assets/vendorsReactRedux_client.e9225c7503a64f9fe764.chunk.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bf5ff476eadc414cffec170c407b228070e8516b386b449d49d5728aa86296bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Origin
https://www.afr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 00:33:22 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
269
uber-trace-id
2c696d8a506e459:2c696d8a506e459:0:0
x-cache
MISS, HIT, HIT
content-length
61094
x-served-by
cache-syd10121-SYD, cache-syd10121-SYD, cache-fra-eddf8230039-FRA
last-modified
Mon, 18 Sep 2023 00:11:37 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694996933.218630,VS0,VE4
etag
W/"28956-18aa5a0daa8"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-varnish-grace
normal hit
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 50, 1
vendorsHtmlparser2_client.b06c67d5235dc5a0e547.chunk.js
www.afr.com/assets/ 		126 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/assets/vendorsHtmlparser2_client.b06c67d5235dc5a0e547.chunk.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a7e33547d007cea7c7c3e33abe5ca781eb00059eac5c1e9e5292cb8011f1f925
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Origin
https://www.afr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 00:33:22 GMT
content-encoding
gzip
age
279
uber-trace-id
66b90bb6d5168da6:66b90bb6d5168da6:0:0
x-cache
MISS, HIT, HIT
content-length
47076
x-served-by
cache-syd10151-SYD, cache-syd10151-SYD, cache-fra-eddf8230039-FRA
last-modified
Mon, 18 Sep 2023 00:11:37 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694996923.224572,VS0,VE15
etag
W/"1f83e-18aa5a0daa8"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 57, 1
vendors_client.3ccace26c3d0d20ea7f5.chunk.js
www.afr.com/assets/ 		944 KB
314 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
76ac7e86a34946e8010f4b5ec1067d3a5ade819e42e3ae7d06e0409d81451ad5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Origin
https://www.afr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 00:33:22 GMT
content-encoding
gzip
age
279
uber-trace-id
293843c9f8254d32:293843c9f8254d32:0:0
x-cache
MISS, HIT, HIT
content-length
320961
x-served-by
cache-syd10151-SYD, cache-syd10151-SYD, cache-fra-eddf8230039-FRA
last-modified
Mon, 18 Sep 2023 00:11:37 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694996923.253277,VS0,VE5
etag
W/"ec1d5-18aa5a0daa8"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-varnish-grace
normal hit
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 58, 1
client.fc2995be9c2ffd5d434d.js
www.afr.com/assets/ 		711 KB
206 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/assets/client.fc2995be9c2ffd5d434d.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ba03c55c3966c58cf6327b2436d0ed90db7224664f222081304869f70c18df38
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Origin
https://www.afr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 00:33:22 GMT
content-encoding
gzip
age
300
uber-trace-id
f88b95eb119730c1:f88b95eb119730c1:0:0
x-cache
MISS, HIT, HIT
content-length
210511
x-served-by
cache-syd10131-SYD, cache-syd10182-SYD, cache-fra-eddf8230039-FRA
last-modified
Mon, 18 Sep 2023 00:11:37 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694996903.957968,VS0,VE16
etag
W/"b1d21-18aa5a0daa8"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 41, 1
StandardArticleTemplate.68df869e4f9a4b6e5ef9.chunk.js
www.afr.com/assets/ 		135 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/assets/StandardArticleTemplate.68df869e4f9a4b6e5ef9.chunk.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
84f26717d5ec530c327af115a93f9f59b79cefdcb48e1e41295b5f389a97de71
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Origin
https://www.afr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 00:33:22 GMT
content-encoding
gzip
age
267
uber-trace-id
c7cc165a346bdf87:c7cc165a346bdf87:0:0
x-cache
MISS, HIT, HIT
content-length
40003
x-served-by
cache-syd10130-SYD, cache-syd10130-SYD, cache-fra-eddf8230039-FRA
last-modified
Mon, 18 Sep 2023 00:11:37 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694996935.471662,VS0,VE7
etag
W/"21bf8-18aa5a0daa8"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-varnish-grace
none(fetch fresh)
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 27, 1
client.fc2995be9c2ffd5d434d.css
www.afr.com/assets/ 		189 KB
39 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/assets/client.fc2995be9c2ffd5d434d.css
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cc88f3441ac470237fb505fa8330ae345fe2764fb7a8110dac3daabb485d63a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 00:33:22 GMT
content-encoding
gzip
age
260
uber-trace-id
9361f608f66a500f:9361f608f66a500f:0:0
x-cache
MISS, HIT, HIT
content-length
39336
x-served-by
cache-syd10135-SYD, cache-syd10135-SYD, cache-fra-eddf8230039-FRA
last-modified
Mon, 18 Sep 2023 00:11:37 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694996943.171443,VS0,VE4
etag
W/"2f261-18aa5a0daa8"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-varnish-grace
normal hit
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 10, 1
StandardArticleTemplate.68df869e4f9a4b6e5ef9.chunk.css
www.afr.com/assets/ 		75 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/assets/StandardArticleTemplate.68df869e4f9a4b6e5ef9.chunk.css
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a195f754fc9029746c989a7e99b775c01da4c2f1c924928c2e6644f2e3cb7e34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 00:33:22 GMT
content-encoding
gzip
age
288
uber-trace-id
7e48cb86c62bf7d3:7e48cb86c62bf7d3:0:0
x-cache
MISS, HIT, HIT
content-length
15896
x-served-by
cache-syd10171-SYD, cache-syd10171-SYD, cache-fra-eddf8230039-FRA
last-modified
Mon, 18 Sep 2023 00:11:37 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694996914.385747,VS0,VE12
etag
W/"12bec-18aa5a0daa8"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 8, 1
9a774230.svg
www.afr.com/assets/ 		3 KB
838 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.afr.com/assets/9a774230.svg
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
bcf86c48df6f76b921cce4d3b354c52312027494dbac002cf58ff39ca8593ff5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Mon, 18 Sep 2023 00:33:22 GMT
age
15905744
uber-trace-id
b121b651bab26983:b121b651bab26983:0:0
x-cache
HIT, HIT
content-length
471
x-served-by
cache-syd10142-SYD, cache-fra-eddf8230039-FRA
last-modified
Thu, 16 Mar 2023 01:56:45 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
etag
W/"bf5-186e8224348"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
13304, 2
suecanano-regular-webfont.woff2
www.afr.com/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/fonts/suecanano-regular-webfont.woff2
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a44fb6a26732b7892f2802aee69fb0413ecd26b508b5c79720a48c485f4889ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Origin
https://www.afr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 18 Sep 2023 00:33:22 GMT
age
33812
uber-trace-id
7b5e6dadca4f198b:7b5e6dadca4f198b:0:0
x-cache
MISS, HIT, HIT
content-length
18020
x-served-by
cache-syd10175-SYD, cache-syd10175-SYD, cache-fra-eddf8230039-FRA
last-modified
Fri, 15 Sep 2023 05:51:46 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694790590.470248,VS0,VE13
etag
W/"4664-18a97653150"
x-frame-options
sameorigin
access-control-allow-methods
GET
content-type
font/woff2
vary
Origin
cache-control
public, max-age=86400
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 5, 2
suecahd-regular-webfont.woff2
www.afr.com/fonts/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/fonts/suecahd-regular-webfont.woff2
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
338140f080782dd9fc999b9c240cde15f599e7ffd10b3fd3d9085717d38ad8d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Origin
https://www.afr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 18 Sep 2023 00:33:22 GMT
age
31129
uber-trace-id
323364bf8a904f1b:323364bf8a904f1b:0:0
x-cache
MISS, HIT, HIT
content-length
22968
x-served-by
cache-syd10178-SYD, cache-syd10178-SYD, cache-fra-eddf8230039-FRA
last-modified
Fri, 15 Sep 2023 05:51:46 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694793272.901525,VS0,VE51
etag
W/"59b8-18a97653150"
x-frame-options
sameorigin
access-control-allow-methods
GET
content-type
font/woff2
vary
Origin
cache-control
public, max-age=86400
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 4, 2
suecahd-regularitalic-webfont.woff2
www.afr.com/fonts/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/fonts/suecahd-regularitalic-webfont.woff2
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fa84adaa52138db2f2ca946b1e3ce31105a39a9a1f1b5fb25ad456241c2d0e73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Origin
https://www.afr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 18 Sep 2023 00:33:22 GMT
age
30224
uber-trace-id
b4c39e365caac2ae:b4c39e365caac2ae:0:0
x-cache
MISS, HIT, HIT
content-length
24396
x-served-by
cache-syd10148-SYD, cache-syd10148-SYD, cache-fra-eddf8230039-FRA
last-modified
Fri, 15 Sep 2023 05:51:46 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694794177.243898,VS0,VE11
etag
W/"5f4c-18a97653150"
x-frame-options
sameorigin
access-control-allow-methods
GET
content-type
font/woff2
vary
Origin
cache-control
public, max-age=86400
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 1, 2
suecanano-semibold-webfont.woff2
www.afr.com/fonts/ 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/fonts/suecanano-semibold-webfont.woff2
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
85b23ef2b5d148948a0e393c8af051177f818b7fb18cda003998916666caabee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Origin
https://www.afr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 18 Sep 2023 00:33:22 GMT
age
22098
uber-trace-id
2aa0f46ba9bc369:2aa0f46ba9bc369:0:0
x-cache
MISS, HIT, HIT
content-length
17904
x-served-by
cache-syd10130-SYD, cache-syd10130-SYD, cache-fra-eddf8230039-FRA
last-modified
Fri, 15 Sep 2023 05:51:46 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694802303.204162,VS0,VE11
etag
W/"45f0-18a97653150"
x-frame-options
sameorigin
access-control-allow-methods
GET
content-type
font/woff2
vary
Origin
cache-control
public, max-age=86400
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 3, 2
suecahd-bold-webfont.woff2
www.afr.com/fonts/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/fonts/suecahd-bold-webfont.woff2
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f1b3c20947609880fa669248919d46ad2b26b995cd8f7e2f3d764dff3e47bdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Origin
https://www.afr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 18 Sep 2023 00:33:22 GMT
age
19193
uber-trace-id
c56e8e302bb9783e:c56e8e302bb9783e:0:0
x-cache
MISS, HIT, HIT
content-length
22596
x-served-by
cache-syd10154-SYD, cache-syd10154-SYD, cache-fra-eddf8230039-FRA
last-modified
Fri, 15 Sep 2023 05:51:46 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694805208.193235,VS0,VE9
etag
W/"5844-18a97653150"
x-frame-options
sameorigin
access-control-allow-methods
GET
content-type
font/woff2
vary
Origin
cache-control
public, max-age=86400
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 5, 2
c7dae3bd02bb026e63c67303ad7f57a0.sprite.svg
www.afr.com/assets/svg/ 		113 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/assets/svg/c7dae3bd02bb026e63c67303ad7f57a0.sprite.svg
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2240ebc38ba06fc2d24a711c469627765d3bfeb5750cb91371c26501f744dd40
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Mon, 18 Sep 2023 00:33:23 GMT
age
2327538
uber-trace-id
6e4ec0f0be28a799:6e4ec0f0be28a799:0:0
x-cache
HIT, HIT
content-length
44746
x-served-by
cache-syd10143-SYD, cache-fra-eddf8230039-FRA
last-modified
Tue, 22 Aug 2023 01:40:58 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
etag
W/"1c2dc-18a1ae6f410"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
13392, 3
0.3784de70254d4c4b1b4c.chunk.js
www.afr.com/assets/ 		235 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/assets/0.3784de70254d4c4b1b4c.chunk.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/client.fc2995be9c2ffd5d434d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8573ecbf492be60781e182db8d4c0ae5f6c71cb71cf6f48e6147f4a0119646b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 00:33:23 GMT
content-encoding
gzip
age
288
uber-trace-id
970fb2a5d467be51:970fb2a5d467be51:0:0
x-cache
MISS, HIT, HIT
content-length
78608
x-served-by
cache-syd10176-SYD, cache-syd10178-SYD, cache-fra-eddf8230039-FRA
last-modified
Mon, 18 Sep 2023 00:11:37 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694996915.956808,VS0,VE14
etag
W/"3acca-18aa5a0daa8"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 24, 1
69.80b9b551ab7c15d33e11.chunk.css
www.afr.com/assets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/assets/69.80b9b551ab7c15d33e11.chunk.css
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/client.fc2995be9c2ffd5d434d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
abd6ddb198092af7116da7cf320779a38dde7fb7779d58a6c4f659d1d4f3a901
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 00:33:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
255
uber-trace-id
a37ba06442e813be:a37ba06442e813be:0:0
x-cache
MISS, HIT, HIT
content-length
1264
x-served-by
cache-syd10148-SYD, cache-syd10148-SYD, cache-fra-eddf8230039-FRA
last-modified
Mon, 18 Sep 2023 00:11:37 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694996948.280279,VS0,VE7
etag
W/"ccd-18aa5a0daa8"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
text/css; charset=UTF-8
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 18, 1
69.80b9b551ab7c15d33e11.chunk.js
www.afr.com/assets/ 		162 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/assets/69.80b9b551ab7c15d33e11.chunk.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/client.fc2995be9c2ffd5d434d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e882237c6f66510cfdb11a04947ecf5416fde1de9a841932f18f4faa58956016
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 00:33:23 GMT
content-encoding
gzip
age
255
uber-trace-id
6ed3e5a19c335999:6ed3e5a19c335999:0:0
x-cache
MISS, HIT, HIT
content-length
58773
x-served-by
cache-syd10148-SYD, cache-syd10148-SYD, cache-fra-eddf8230039-FRA
last-modified
Mon, 18 Sep 2023 00:11:37 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694996948.280549,VS0,VE10
etag
W/"28953-18aa5a0daa8"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 18, 1
graphql
api.afr.com/ 		239 B
492 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.afr.com/graphql?query=query%20PaywallBypassMemberDetailsQuery(%24input%3A%20PaywallBypassInput!)%20%7B%20paywallBypass(input%3A%20%24input)%20%7B%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20result%20%7B%20type%20%7D%20%7D%20memberDetails%20%7B%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20member%20%7B%20profile%20%7B%20displayName%20email%20roles%20%7B%20accountId%20role%20%7D%20shortID%20type%20%7D%20%7D%20%7D%20memberSubscriptionDetails%20%7B%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20subscription%20%7B%20entitlements%20plans%20%7D%20%7D%20%7D%20&operationName=PaywallBypassMemberDetailsQuery&variables=%7B%22input%22%3A%7B%22brand%22%3A%22AFR%22%2C%22bypassURL%22%3A%22https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph%22%2C%22referrer%22%3A%22%22%7D%7D
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5ff935b8023897a83befbded76ec4f7d60037e254183847c7b1003aa306cdc3

Request headers

Accept
application/json, text/plain, */*, application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-served-by
cache-syd10124-SYD, cache-syd10158-SYD, cache-fra-eddf8230039-FRA
date
Mon, 18 Sep 2023 00:33:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-timer
S1694997203.418130,VS0,VE5
vary
Origin, Accept-Encoding
x-cache
MISS, MISS, MISS
content-type
application/json
access-control-allow-origin
https://www.afr.com
cache-control
private, max-age=0
access-control-allow-credentials
true
x-varnish-grace
none
accept-ranges
bytes
content-length
239
x-cache-hits
0, 0, 0
p5dhy6
api.afr.com/api/content/v0/assets/ 		10 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.afr.com/api/content/v0/assets/p5dhy6
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a711c4e43a7524d926c437385be85fb0d12cb063920db6a68bfd433cef8c730

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-served-by
cache-syd10179-SYD, cache-syd10177-SYD, cache-fra-eddf8230094-FRA
date
Mon, 18 Sep 2023 00:33:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-timer
S1694997204.743522,VS0,VE9
age
0
vary
Accept-Encoding
x-cache
MISS, MISS, MISS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30
x-varnish-grace
none(fetch fresh)
accept-ranges
bytes
content-length
3546
x-cache-hits
0, 0, 0
p5dgf7
api.afr.com/api/content/v0/assets/ 		19 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.afr.com/api/content/v0/assets/p5dgf7
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ac48bd8b3cb7f53c0e9f95053c5657a26ab8fd6e404a2068395262f8c3de5535

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-served-by
cache-syd10165-SYD, cache-syd10167-SYD, cache-fra-eddf8230094-FRA
date
Mon, 18 Sep 2023 00:33:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
x-timer
S1694997204.759551,VS0,VE13
age
0
vary
Accept-Encoding
x-cache
MISS, MISS, MISS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30
x-varnish-grace
none(fetch fresh)
accept-ranges
bytes
content-length
7314
x-cache-hits
0, 0, 0
graphql
api.afr.com/ 		145 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.afr.com/graphql?query=query%20ParentAssetQuery(%24childId%3A%20String!%2C%20%24parentId%3A%20String)%20%7B%20relatedParentAsset(childId%3A%20%24childId%2C%20parentId%3A%20%24parentId)%20%7B%20asset%20%7B%20about%20assetType%20headlines%20%7B%20headline%20%7D%20label%20shortId%20subType%20tags%20%7B%20primaryTag%20%7B%20...AssetTagAudience%20%7D%20secondary%20%7B%20...AssetTagAudience%20%7D%20%7D%20urls%20%7B%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20%7D%20assetJSON%20%7B%20extensions%20%7D%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20%7D%20%7D%20fragment%20AssetTagAudience%20on%20AssetTagDetails%20%7B%20company%20%7B%20exchangeCode%20stockCode%20%7D%20context%20displayName%20id%20name%20urls%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20%7D%20&operationName=ParentAssetQuery&variables=%7B%22childId%22%3A%22p5djph%22%2C%22parentId%22%3A%22%22%7D
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b2bbac8ef34bc3259e9b5f3d6d8a40d386f96abe7dc45d926fc76ee7ca2dd45a

Request headers

Accept
application/json, text/plain, */*, application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
0
x-cache
MISS, MISS, MISS
content-length
126
x-served-by
cache-syd10159-SYD, cache-syd10144-SYD, cache-fra-eddf8230039-FRA
x-timer
S1694997203.429139,VS0,VE8
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.afr.com
cache-control
public, max-age=60
access-control-allow-credentials
true
x-varnish-grace
none
accept-ranges
bytes
x-cache-hits
0, 0, 0
graphql
api.afr.com/ 		196 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.afr.com/graphql?query=query%20memberDetailsAndSubscriptions%20%7B%20memberDetails%20%7B%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20member%20%7B%20profile%20%7B%20displayName%20email%20roles%20%7B%20accountId%20role%20%7D%20shortID%20type%20%7D%20%7D%20%7D%20memberSubscriptionDetails%20%7B%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20subscription%20%7B%20entitlements%20plans%20%7D%20%7D%20%7D%20&operationName=memberDetailsAndSubscriptions&variables=%7B%7D
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
714892f1fc598fef48b0331e7af69cdac69bfb2cec684d199b8650da4a278c75

Request headers

Accept
application/json, text/plain, */*, application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-served-by
cache-syd10180-SYD, cache-syd10180-SYD, cache-fra-eddf8230039-FRA
date
Mon, 18 Sep 2023 00:33:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-timer
S1694997203.434616,VS0,VE4
vary
Origin, Accept-Encoding
x-cache
MISS, MISS, MISS
content-type
application/json
access-control-allow-origin
https://www.afr.com
cache-control
private, max-age=0
access-control-allow-credentials
true
x-varnish-grace
none
accept-ranges
bytes
content-length
196
x-cache-hits
0, 0, 0
graphql
api.afr.com/ 		165 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.afr.com/graphql?query=query%20Account%20%7B%20account%20%7B%20autoplay%20error%20%7B%20message%20type%20%7D%20location%20%7B%20postCode%20state%20suburb%20%7D%20onboarding%20%7B%20newsfeed%20tags%20%7D%20%7D%20%7D%20&operationName=Account&variables=%7B%7D
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
07a7e43a30c29cd24df54879f4fc788b60a76962f3b3c5623717c19762240225

Request headers

Accept
application/json, text/plain, */*, application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-served-by
cache-syd10175-SYD, cache-syd10175-SYD, cache-fra-eddf8230039-FRA
date
Mon, 18 Sep 2023 00:33:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-timer
S1694997203.432401,VS0,VE5
vary
Origin, Accept-Encoding
x-cache
MISS, MISS, MISS
content-type
application/json
access-control-allow-origin
https://www.afr.com
cache-control
private, max-age=0
access-control-allow-credentials
true
x-varnish-grace
none
accept-ranges
bytes
content-length
165
x-cache-hits
0, 0, 0
graphql
api.afr.com/ 		104 B
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.afr.com/graphql?query=query%20isAssetInSavedList(%24assetID%3A%20String!%2C%20%24brand%3A%20Brand!)%20%7B%20isAssetInSavedList(input%3A%20%7BassetID%3A%20%24assetID%2C%20brand%3A%20%24brand%7D)%20%7B%20isSaved%20error%20%7B%20message%20%7D%20%7D%20%7D%20&operationName=isAssetInSavedList&variables=%7B%22assetID%22%3A%22p5djph%22%2C%22brand%22%3A%22afr%22%7D
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
54b3121637851046e882df8591a9f2c4472adc2f0c39290cd583e9fccf1aace0

Request headers

Accept
application/json, text/plain, */*, application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-served-by
cache-syd10173-SYD, cache-syd10124-SYD, cache-fra-eddf8230039-FRA
date
Mon, 18 Sep 2023 00:33:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-timer
S1694997203.434041,VS0,VE4
vary
Origin, Accept-Encoding
x-cache
MISS, MISS, MISS
content-type
application/json
access-control-allow-origin
https://www.afr.com
cache-control
private, max-age=0
access-control-allow-credentials
true
x-varnish-grace
none
accept-ranges
bytes
content-length
104
x-cache-hits
0, 0, 0
71.152a3f499ae7e63a66f8.chunk.js
www.afr.com/assets/ 		351 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/assets/71.152a3f499ae7e63a66f8.chunk.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/client.fc2995be9c2ffd5d434d.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f7d70a188cc9b9d9b7ef6c03d4ef78cff44506cfd92582772416ddc39d865ab8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 00:33:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
age
266
uber-trace-id
c9c2965644d5b248:c9c2965644d5b248:0:0
x-cache
MISS, HIT, HIT
content-length
95474
x-served-by
cache-syd10150-SYD, cache-syd10125-SYD, cache-fra-eddf8230039-FRA
last-modified
Mon, 18 Sep 2023 00:11:37 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694996937.277589,VS0,VE6
etag
W/"57c23-18aa5a0daa8"
x-frame-options
sameorigin
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=31557600
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
accept-ranges
bytes
x-cache-hits
0, 16, 1
%2F
api.afr.com/api/content/v2/brands/afr/renders/web/pages/ 		429 KB
86 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.afr.com/api/content/v2/brands/afr/renders/web/pages/%2F
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
321f92ae61e78e3331b57c52504c5207207020346418626c42bc257a63641977

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-served-by
cache-syd10183-SYD, cache-syd10176-SYD, cache-fra-eddf8230094-FRA
date
Mon, 18 Sep 2023 00:33:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-timer
S1694997202.156930,VS0,VE227
age
1
vary
Accept-Encoding
x-cache
MISS, HIT, MISS
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=30
x-varnish-grace
none(fetch fresh)
accept-ranges
bytes
content-length
88165
x-cache-hits
0, 11, 0
swg.js
news.google.com/swg/js/v1/ 		201 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/client.fc2995be9c2ffd5d434d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
918f6fef2671add0c34e4265bacb09f8fcb0d3ed95fbf018eb0d95dd8ab59644
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:01:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
59488
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 17:00:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/javascript
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 00:51:25 GMT
v1
adkit.9pub.io/ 		70 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adkit.9pub.io/v1
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/client.fc2995be9c2ffd5d434d.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-9.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
594b1880b788bef3e6ca9c9791268c5fbaa6a853e36995a0349f16c87b7a677c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 00:01:57 GMT
Content-Encoding
gzip
Via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
Last-Modified
Tue, 05 Sep 2023 04:50:14 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA56-P5
Age
1886
ETag
W/"210cfde88ca27c0414c90c6693c29be2"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Cache-Control
max-age=3600
Connection
keep-alive
X-Amz-Cf-Id
xCOtxZQsANsWmNjIVlQ33HykS4q49sqmZrnPNZ9YmVcVLVM2evGnaQ==
graphql
api.afr.com/ 		46 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.afr.com/graphql?query=query%20PageContentByPageType(%24brand%3A%20Brand!%2C%20%24pageType%3A%20PageType!%2C%20%24render%3A%20Render!)%20%7B%20pageContentByPageType(brand%3A%20%24brand%2C%20pageType%3A%20%24pageType%2C%20render%3A%20%24render)%20%7B%20contentUnits%20%7B%20assets%20%7B%20...AssetFragment%20sponsor%20%7B%20name%20%7D%20%7D%20config%20%7B%20heading%20headingLink%20%7D%20name%20%7D%20%7D%20%7D%20fragment%20AssetFragment%20on%20Asset%20%7B%20asset%20%7B%20about%20byline%20duration%20headlines%20%7B%20headline%20%7D%20live%20%7D%20assetType%20dates%20%7B%20firstPublished%20modified%20published%20%7D%20id%20featuredImages%20%7B%20landscape16x9%20%7B%20...ImageFragment%20%7D%20landscape3x2%20%7B%20...ImageFragment%20%7D%20portrait2x3%20%7B%20...ImageFragment%20%7D%20square1x1%20%7B%20...ImageFragment%20%7D%20%7D%20label%20tags%20%7B%20primary%3A%20primaryTag%20%7B%20...AssetTag%20%7D%20secondary%20%7B%20...AssetTag%20%7D%20%7D%20urls%20%7B%20...AssetURLs%20%7D%20%7D%20fragment%20AssetTag%20on%20AssetTagDetails%20%7B%20...AssetTagAudience%20shortID%20slug%20%7D%20fragment%20AssetTagAudience%20on%20AssetTagDetails%20%7B%20company%20%7B%20exchangeCode%20stockCode%20%7D%20context%20displayName%20id%20name%20urls%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20%7D%20fragment%20AssetURLs%20on%20AssetURLs%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20fragment%20ImageFragment%20on%20Image%20%7B%20data%20%7B%20altText%20aspect%20autocrop%20caption%20cropWidth%20id%20offsetX%20offsetY%20zoom%20%7D%20%7D%20&operationName=PageContentByPageType&variables=%7B%22brand%22%3A%22AFR%22%2C%22pageType%22%3A%22article%22%2C%22render%22%3A%22WEB%22%7D
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
975bc24cbaa24310fb1f20cf523c1b60d3951bef329f9972741940a7258775c2

Request headers

Accept
application/json, text/plain, */*, application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
6
x-cache
MISS, HIT, MISS
content-length
10221
x-served-by
cache-syd10177-SYD, cache-syd10177-SYD, cache-fra-eddf8230039-FRA
x-timer
S1694997197.987458,VS0,VE83
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.afr.com
cache-control
public, max-age=30
access-control-allow-credentials
true
x-varnish-grace
none(fetch fresh)
accept-ranges
bytes
x-cache-hits
0, 28, 0
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.255.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-255-75.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 16:55:59 GMT
content-encoding
gzip
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified
Wed, 28 Jun 2023 00:37:14 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
27444
etag
W/"649b80ba-5df1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
7INC0RhNz79_fQvX7Bwy8pyautAy03Il2t1vhEBV5CS_eGJ926TmlQ==
expires
Mon, 18 Sep 2023 16:55:59 GMT
activityi;dc_pre=CL6b2NH0soEDFZMPogMd_-MLug;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits...
12281244.fls.doubleclick.net/ Frame 0E5A
Redirect Chain
  • https://12281244.fls.doubleclick.net/activityi;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-h...
  • https://12281244.fls.doubleclick.net/activityi;dc_pre=CL6b2NH0soEDFZMPogMd_-MLug;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompa...
760 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12281244.fls.doubleclick.net/activityi;dc_pre=CL6b2NH0soEDFZMPogMd_-MLug;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f6.1e100.net
Software
cafe /
Resource Hash
3604593299255fb95aee4eeb8f0ef97b923c0dfd3dde91a1dbb9ef35fd1c532b
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
356
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12281244.fls.doubleclick.net/activityi;dc_pre=CL6b2NH0soEDFZMPogMd_-MLug;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pixel.js
www.redditstatic.com/ads/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.redditstatic.com/ads/pixel.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
snooserv /
Resource Hash
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:23 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
last-modified
Thu, 15 Jun 2023 20:49:59 GMT
server
snooserv
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
etag
"4a205643a240cb95fa82289d62b5af7e"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
application/javascript
cache-control
public, max-age=60
accept-ranges
bytes
content-length
7409
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-1006500043/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/AW-1006500043/?random=1694997203426&cv=11&fst=1694997203426&bg=ffffff&guid=ON&async=1&gtm=45He39d0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&hn=www.googleadservices.com&frm=0&tiba=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack&auid=120844633.1694997203&uamb=0&uaw=0&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
50fd09ca33ad472a74c132aef209b4568bfc7fbbf08cd86981e529c9b6dcb20c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1414
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hit...
6633783.fls.doubleclick.net/ Frame 7442
Redirect Chain
  • https://6633783.fls.doubleclick.net/activityi;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-h...
  • https://6633783.fls.doubleclick.net/activityi;dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompa...
973 B
660 B 		Document
General
Check archive.org
Download Go to
Full URL
https://6633783.fls.doubleclick.net/activityi;dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f6.1e100.net
Software
cafe /
Resource Hash
0873aec3ccdf4dcc11523da143b04722167554c1b30ed4dc1fe4d0e2b1ab1aa0
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
484
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://6633783.fls.doubleclick.net/activityi;dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
insight.min.js
snap.licdn.com/li.lms-analytics/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.141 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 13:41:52 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=29662
accept-ranges
bytes
content-length
3822
fbevents.js
connect.facebook.net/en_US/ 		197 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams4.fbcdn.net
Software
/
Resource Hash
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 18 Sep 2023 00:33:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
53155
x-xss-protection
0
pragma
public
x-fb-debug
NPN36428D6Ppm/L8HIzmdouLv/MeKyRKr09+w37igHmsLGxKnRTORZIH4H5QHYi5HNkUbCLzeMrtq+jjYQvwdw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
hotjar-182799.js
static.hotjar.com/c/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-182799.js?sv=6
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-30.fra60.r.cloudfront.net
Software
/
Resource Hash
fdd0c5dfe26ff3888b61cad19a55ed3874ccb74a7ae5f41f3fa0b964811766aa
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 00:32:50 GMT
via
1.1 a4233498d2bd44dbd411d60d86f8334e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P2
age
33
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/c4c563544a096c645b2ac4a5683d5fab
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
CDZmswB3iMOFgx9bESUofktruW83eVkiwYqtZXKhCklaftIDP01HRQ==
ytc.js
s.yimg.com/wi/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:04 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
EB5F0BPX2QR68KZX
age
20
x-amz-server-side-encryption
AES256
x-amz-id-2
PzLZgxkV4TfwO5Q1CDApAGZLvlg5xnd2tGKpDzxI18xE1OwcGTo5oEO/xdpxqepBylslS7BViLHkverfykj69wfGOpaKHBg8
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
activityi;dc_pre=CO--2dH0soEDFTIKogMd82wIqQ;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_7...
12393262.fls.doubleclick.net/ Frame F39E
Redirect Chain
  • https://12393262.fls.doubleclick.net/activityi;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSEN...
  • https://12393262.fls.doubleclick.net/activityi;dc_pre=CO--2dH0soEDFTIKogMd82wIqQ;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGD...
557 B
479 B 		Document
General
Check archive.org
Download Go to
Full URL
https://12393262.fls.doubleclick.net/activityi;dc_pre=CO--2dH0soEDFTIKogMd82wIqQ;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=4380897403320.9736?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f6.1e100.net
Software
cafe /
Resource Hash
9d0980f4f630b76580eedd2ef72c78f094d4d006a9cce10f0242d6134a0554a2
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://12393262.fls.doubleclick.net/activityi;dc_pre=CO--2dH0soEDFTIKogMd82wIqQ;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=4380897403320.9736?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
evergage.min.js
cdn.evgnet.com/beacon/fairfaxmediapublications/production_afr/scripts/ 		198 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.evgnet.com/beacon/fairfaxmediapublications/production_afr/scripts/evergage.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.64.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
555ba91c0737e118db5cc53b2a84d270db79476962ef7901f5d98b188243988a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
bhPQADp37cuJ3VJJ5E3_79qg7HBon4W4
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
date
Mon, 18 Sep 2023 00:33:23 GMT
x-amz-request-id
4DATD0E0FXEZQT2Z
age
83
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
x-amz-replication-status
COMPLETED
content-length
51874
x-amz-id-2
wlOIYGYznNWO55dJPOIri9/kC09VJz6eFi3k9L2ntu6hPa0ErNN97VKJdfoN5XLPtmkHD5hPRr/3SLpFfSHT/XvDq5ODZ956LkDNQwnxJRI=
x-served-by
cache-iad-kjyo7100093-IAD, cache-fra-eddf8230045-FRA
x-amz-meta-evergage-sum
deecc5ae674ea92c56f34f6138ba4ed0fc79ee6b
last-modified
Fri, 01 Sep 2023 00:49:52 GMT
server
AmazonS3
x-timer
S1694997203.496663,VS0,VE1
etag
"9203dd3c1f69d557e681ba5019ff7e73"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=120
accept-ranges
bytes
timing-allow-origin
*
x-amz-meta-evergage-beacon-ver
16
x-cache-hits
473195, 1
eightpixel.min.js
pixel.weare8.com/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.weare8.com/eightpixel.min.js?t=1695081600000
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-58.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7553064948d4102e634d107f03e7368b9d5d7b8a5b3e1c70f6ce636ae437a084

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 05:04:58 GMT
content-encoding
gzip
via
1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
last-modified
Fri, 15 Jul 2022 10:55:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
70105
etag
W/"39bd70af6fecba11cec0bcb50d8568f4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
m0o_khQDzXQwVPo-1pabJndDn5K67DmHCNmR9dxOfWF8Id85_nshMA==
ping.min.js
cdn.pdst.fm/ 		26 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pdst.fm/ping.min.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.142.80 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
80.142.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:30:50 GMT
content-encoding
gzip
age
153
x-guploader-uploadid
ADPycdvWXpu4aA18L2CrErSyxRcCAmLheI7nRlOVGcFSnWxq3CPcg_KFlA6JuIdzuA2nduYMM9o6dUsHke5HJXoXszTCSQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5774
last-modified
Fri, 28 May 2021 20:34:03 GMT
server
UploadServer
etag
"d001d1c9f5a942fa5524eeacb047e819"
vary
Accept-Encoding
x-goog-generation
1622234043862937
x-goog-hash
crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
5774
accept-ranges
bytes
content-type
application/javascript;
expires
Mon, 18 Sep 2023 01:30:50 GMT
/
pixel.nine.com.au/ 		70 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.nine.com.au/?advertiser=NineRadioSegments&site_section=afr_companies
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.64.218.213 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-64-218-213.ap-southeast-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
a73237a07cec4d81b7cb7995220839f554e2e8936e5d5ae25cc47753f9737c07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
server
awselb/2.0
content-length
70
content-type
image/png
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:23 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption
AES256
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100147-IAD, cache-fra-eddf8230089-FRA
insight.min.js
sjs.bizographics.com/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sjs.bizographics.com/insight.min.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.155 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
163
date
Mon, 18 Sep 2023 00:33:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 05 Sep 2023 13:41:52 GMT
x-cdn
AKAM
x-edgeconnect-midmile-rtt
0
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=9496
accept-ranges
bytes
content-length
3822
v60.js
cdn-gl.imrworldwide.com/
Redirect Chain
  • https://secure-au.imrworldwide.com/v60.js
  • https://cdn-gl.imrworldwide.com/v60.js
21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/v60.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Server
13.32.121.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
PmT0ztgo6pW7kPCi5f5AnKDRXRQLwscI
content-encoding
gzip
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
date
Sun, 17 Sep 2023 03:30:56 GMT
last-modified
Mon, 25 Jul 2022 13:33:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
75748
x-amz-server-side-encryption
AES256
etag
W/"3bad78b036ef952c6ace672b2251b459"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
8iONd-t_lnw-HOhYCdrLqzqpQb5IAar3ux4FswbS-RJA8b3rl5Vcfw==

Redirect headers

location
https://cdn-gl.imrworldwide.com:443/v60.js
date
Mon, 18 Sep 2023 00:33:23 GMT
server
awselb/2.0
content-length
134
content-type
text/html
ggcmb510.js
cdn-gl.imrworldwide.com/novms/js/2/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
wbaR8ho9tpuhBevQ_JaMtDTpiXVp8zI4
content-encoding
gzip
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
date
Mon, 18 Sep 2023 00:29:40 GMT
last-modified
Wed, 06 Sep 2023 13:04:53 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
225
x-amz-server-side-encryption
AES256
etag
W/"afa0d379b1e6e0a61fad577d0043ff26"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
Yf1LHR6PV_aytXQ2soNZDi0mmBNH34e_9FM_eE3R1fTCH-9H9ftgfw==
adc.js
adc-js.nine.com.au/ 		89 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adc-js.nine.com.au/adc.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-78.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9818a857627f6d7edd433bed71814155b78019dfad67db10bd2e10d14f7a41af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:30:49 GMT
content-encoding
gzip
via
1.1 f9c16664a13e70e73a4e280c7a0f2266.cloudfront.net (CloudFront)
last-modified
Mon, 18 Sep 2023 00:23:31 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P4
age
155
x-amz-server-side-encryption
AES256
etag
W/"ea273a9b35ed85a18077b9f26b468be3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300
x-amz-cf-id
oShsVOODRRk1MZIuLyK_eBu06DdXI9RDVG1bRhMaSQRx3ET3-BJkkg==
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
6eaca64feebc3de76c12df11756c5fe33c4f754e24b8cac68a276824c64382d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28930
x-xss-protection
0
server
cafe
etag
645 / 19618 / m202309120101 / config-hash: 14175700841114183422
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 00:33:24 GMT
door.js
au-script.dotmetrics.net/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/door.js?d=www.afr.com&t=companies
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-94.fra60.r.cloudfront.net
Software
Kestrel /
Resource Hash
e10391c94fa3ee18888591df80df27c4e45869c2fefa5b964de5646e2ddb9b6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
content-encoding
br
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA60-P1
etag
".www.afr.com.companies.232.2023091800"
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
private
x-amz-cf-id
Y8byi-SgNzb3oMQ9hHf9P9IHFd3Z_1X5h0atWNnzD942RrGeZqoiGg==
graphql
api.afr.com/ 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.afr.com/graphql?query=query%20FinancialStockRelatedQuotes(%24symbol%3A%20String!)%20%7B%20quoteFull%3A%20financialStockSummaryQuote(symbol%3A%20%24symbol)%20%7B%20...FinancialStockRelatedSummaryQuoteFragment%20%7D%20quoteHistory%3A%20financialStockHistoricalQuotes(%20interval%3A%20DAILY_1_YEAR%20symbol%3A%20%24symbol%20)%20%7B%20...FinancialStockRelatedHistoricalQuotesChartFragment%20%7D%20quoteIntradayTrades%3A%20financialStockHistoricalQuotes(%20interval%3A%20FIVE_MINUTES_1_DAY%20symbol%3A%20%24symbol%20)%20%7B%20...FinancialStockIntradayRelatedQuotesChartFragment%20%7D%20%7D%20fragment%20FinancialStockRelatedHistoricalQuotesChartFragment%20on%20FinancialStockHistoricalQuotesResponse%20%7B%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20quotes%20%7B%20date%3A%20time%20close%20%7D%20%7D%20fragment%20FinancialStockIntradayRelatedQuotesChartFragment%20on%20FinancialStockHistoricalQuotesResponse%20%7B%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20quotes%20%7B%20date%3A%20time%20salePrice%3A%20close%20%7D%20%7D%20fragment%20FinancialStockRelatedSummaryQuoteFragment%20on%20FinancialStockSummaryQuoteResponse%20%7B%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20quote%20%7B%20last%3A%20lastPrice%20lastUpdated%3A%20providerUpdateTime%20open%3A%20openPrice%20previousClose%20%7D%20%7D%20&operationName=FinancialStockRelatedQuotes&variables=%7B%22symbol%22%3A%22ASX_MPL%22%7D
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fcff9c71b8d8336b9c2aba86ac51ee672c017ffaf18fcb11727186334f995bd6

Request headers

Accept
application/json, text/plain, */*, application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:23 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
12
x-cache
MISS, HIT, MISS
content-length
1493
x-served-by
cache-syd10175-SYD, cache-syd10157-SYD, cache-fra-eddf8230039-FRA
x-timer
S1694997191.147584,VS0,VE29
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.afr.com
cache-control
public, max-age=60
access-control-allow-credentials
true
x-varnish-grace
none(fetch fresh)
accept-ranges
bytes
x-cache-hits
0, 3, 0
p5djph
api.beyondwords.io/v1/projects/34966/player/by_source_id/ 		34 B
598 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.beyondwords.io/v1/projects/34966/player/by_source_id/p5djph
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/71.152a3f499ae7e63a66f8.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
538169f78667003113493de4800bdc406db5ac368d158d5b193561315e2b4e20
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
MISS
via
1.1 vegur
x-permitted-cross-domain-policies
none
content-encoding
gzip
x-xss-protection
1; mode=block
x-request-id
3ffbc6ef-a451-4980-9c8e-9acd84f17e3c
x-runtime
0.012933
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, POST, PATCH, OPTIONS, DELETE, PUT
access-control-allow-origin
*
access-control-expose-headers
cache-control
public, max-age=300
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
cf-ray
80857f4c8f8c9110-FRA
expires
Mon, 18 Sep 2023 00:38:23 GMT
modules.afe18b03a2724895a0ac.js
script.hotjar.com/ 		223 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.afe18b03a2724895a0ac.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-182799.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.236.63 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-236-63.fra56.r.cloudfront.net
Software
/
Resource Hash
2511f97f0c01a302b753d9697deba3a0bc995f3ea0ec5ac7e9db919cdb7d44f5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Fri, 15 Sep 2023 08:50:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 e59bea79ab5f15feda92136bc7b74158.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P4
age
229397
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
55728
last-modified
Fri, 15 Sep 2023 08:50:05 GMT
etag
"50b731696057a5c499ba8226c71b47ed"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
EObcWKxLDJg7SjDTKyuhZVFV7DHFWpPG3UvYMeNuOL07mMOrY-jboQ==
tp2
i.ffx.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.168.46 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
46.168.110.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.afr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.afr.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 18 Sep 2023 00:33:23 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
5d7afb84f81f4ae75cff293ec179dbf6
tp2
i.ffx.io/com.snowplowanalytics.snowplow/ 		2 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d2uhnetoehh304.cloudfront.net
URL: https://d2uhnetoehh304.cloudfront.net/2.18.2/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.168.46 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
46.168.110.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 18 Sep 2023 00:33:23 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.afr.com
x-cloud-trace-context
375c01f69a6c3f6683ba3bd5484e3a31
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Requested by
Host: cdn.pdst.fm
URL: https://cdn.pdst.fm/ping.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
server
Google Frontend
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
x-powered-by
Express
access-control-allow-methods
GET, POST
content-type
text/html
access-control-allow-origin
*
x-cloud-trace-context
540e0560754189f7624d58f378f3aa87
function-execution-id
81cn4sti116u
access-control-allow-headers
Content-Type, Accept
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pdst-events-prod-sink
us-central1-adaptive-growth.cloudfunctions.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://us-central1-adaptive-growth.cloudfunctions.net/pdst-events-prod-sink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.36.54 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.afr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-headers
Content-Type, Accept
access-control-allow-methods
GET, POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
gzip
content-length
22
content-type
text/html; charset=utf-8
date
Mon, 18 Sep 2023 00:33:23 GMT
etag
W/"2-ROqGvmcGDXooyAXFZHZ+i4au1yQ"
function-execution-id
5x71wwb9uf8x
server
Google Frontend
x-cloud-trace-context
1e810526250b0e20fb4eaa446102ea12
x-powered-by
Express
/
l.ffx.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://l.ffx.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.66.82.44 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-82-44.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.afr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
0
Date
Mon, 18 Sep 2023 00:33:24 GMT
/
l.ffx.io/ 		2 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.ffx.io/
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.66.82.44 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-82-44.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 18 Sep 2023 00:33:25 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
2
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sun, 17 Sep 2023 23:49:43 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2621
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 18 Sep 2023 01:49:43 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		70 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.255.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-255-75.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:04:11 GMT
content-encoding
gzip
via
1.1 8e04f5d6c745b231c10fce7c2aa9c70e.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:52:49 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
1752
etag
W/"64d2e361-1197e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
-QzF5hiBc_G2RykpNoDNWmHMPcC-fkIIMNOF8qxnlAewEGP-kcLh_Q==
expires
Tue, 19 Sep 2023 00:04:11 GMT
id
dpm.demdex.net/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=1.8.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=BEB5C8A15492DB600A4C98BC%40AdobeOrg&d_nsid=0&ts=1694997203593
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.121.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-121-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3e3605a50f63f4cbdd2dace46871df9ada77e657abb38bc7ad64b60179b982dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v050-0ae218911.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
4imdM9UXR5s=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.afr.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
874
Expires
Thu, 01 Jan 1970 00:00:00 UTC
collect.js
10510523.collect.igodigital.com/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://10510523.collect.igodigital.com/collect.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.106.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-106-202.compute-1.amazonaws.com
Software
/
Resource Hash
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
content-encoding
gzip
last-modified
Thu, 14 Sep 2023 17:36:22 GMT
vary
Accept-Encoding
content-type
application/javascript
p.js
cdn.parsely.com/keys/afr.com/ 		72 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/afr.com/p.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-59.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
c99bb554f568a8bfa9c4ebf178407e1fe47e531cd6f1a8f520d3b5c6942deb50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
public
date
Sun, 17 Sep 2023 04:50:56 GMT
content-encoding
gzip
via
1.1 ab68583a58d574d6a9e5fca1fb1e6316.cloudfront.net (CloudFront)
last-modified
Mon, 04 Apr 2022 21:02:58 GMT
server
nginx
x-amz-cf-pop
FRA56-P6
age
70948
etag
W/"624b5d02-11f4e"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400, public
x-amz-cf-id
X4ummIH7dj6YvyV9SWSx7GMS1EffbSPm16pjN6amoJZWdM3KhVqBJg==
expires
Mon, 18 Sep 2023 04:50:56 GMT
src=6633783;dc_pre=CKmH4dH0soEDFTJQHgIdydoHDA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5dj...
adservice.google.com/ddm/fls/z/ Frame 08C4
Redirect Chain
  • https://ad.doubleclick.net/ddm/activity/src=6633783;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-2023062...
  • https://ad.doubleclick.net/ddm/activity/src=6633783;dc_pre=CKmH4dH0soEDFTJQHgIdydoHDA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-...
  • https://adservice.google.com/ddm/fls/z/src=6633783;dc_pre=CKmH4dH0soEDFTJQHgIdydoHDA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-2...
42 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/z/src=6633783;dc_pre=CKmH4dH0soEDFTJQHgIdydoHDA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9956327951298.191
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
42
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://adservice.google.com/ddm/fls/z/src=6633783;dc_pre=CKmH4dH0soEDFTJQHgIdydoHDA;type=afral0;cat=au_af0;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=9956327951298.191
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		228 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-7P81FZJZ1C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NN4PPKH
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.200 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
d1ff88c714aba44928db4fed9138fe90d6a5130097c36ec937363eb1e35364f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
82305
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Sep 2023 00:33:23 GMT
dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank...
adservice.google.com/ddm/fls/i/ Frame B1C0 		972 B
579 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Requested by
Host: 6633783.fls.doubleclick.net
URL: https://6633783.fls.doubleclick.net/activityi;dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
685e154bdd3e99c0672f23c6b033893fa83d68cc8ec78bc7290e9bf5af288153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://6633783.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
487
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adsct
t.co/1/i/ 		43 B
376 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=af050c04-7b43-4557-8690-047d584639d6&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=eeca733e-6963-4f30-82b7-5e52d532e7d5&tw_document_href=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&tw_iframe_status=0&txn_id=o1c4v&type=javascript&version=2.3.29
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-response-time
103
date
Mon, 18 Sep 2023 00:33:23 GMT
strict-transport-security
max-age=0
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
dd3e99529b07bea5
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ed24dd2c38d176e8a9892e5d1cef0907208dbfcf01ba211948ce9d02062a4996
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=af050c04-7b43-4557-8690-047d584639d6&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=eeca733e-6963-4f30-82b7-5e52d532e7d5&tw_document_href=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&tw_iframe_status=0&txn_id=o1c4v&type=javascript&version=2.3.29
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-response-time
168
date
Mon, 18 Sep 2023 00:33:24 GMT
strict-transport-security
max-age=631138519
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
e84ac4a6b75505e3
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
e3bcbca14be06aa52054ecdc68ee8d3695a37d619884726632179b0fd592c35f
content-length
43
d3de268037ee03ff108b60c71293dbb42d287944
static.ffx.io/images/$zoom_0.4248%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_407%2C$y_171/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_0.4248%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_407%2C$y_171/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/d3de268037ee03ff108b60c71293dbb42d287944
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
f15a785fb9d43f0c100a47e792bc3fa28a6777003288ec972015370e113cd3ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 varnish, 1.1 varnish
age
2090010
edge-cache-tag
313442319482079096371852316494770778807,496698266649328955626532447349484955612,5f5f4219172da4ec8104790896b11172
cache-tag
313442319482079096371852316494770778807,496698266649328955626532447349484955612,5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
content-disposition
inline; filename="d3de268037ee03ff108b60c71293dbb42d287944.webp"
content-length
7252
x-cld-skey
313442319482079096371852316494770778807 496698266649328955626532447349484955612 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-etou8220038-FRA, cache-fra-eddf8230039-FRA
last-modified
Thu, 24 Aug 2023 19:58:51 GMT
server
cloudinary
x-timer
S1694997204.037422,VS0,VE1
etag
"4215d7f992e41d3f0388f0ac23ca436a"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
77427c45234ee2aec56fb94daeab9f11b3752b6d
static.ffx.io/images/$zoom_0.2148%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_0/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_0.2148%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_0/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/77427c45234ee2aec56fb94daeab9f11b3752b6d
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
0d02fe973621da1d3469bed7ada2ec623f43200ea16a50f4d1d6966c7b9ee106

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 varnish, 1.1 varnish
age
279033
edge-cache-tag
231779759973070264253848933534165813375,180683600334081536961872616366295619681,5f5f4219172da4ec8104790896b11172
cache-tag
231779759973070264253848933534165813375,180683600334081536961872616366295619681,5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
content-disposition
inline; filename="77427c45234ee2aec56fb94daeab9f11b3752b6d.webp"
content-length
10988
x-cld-skey
231779759973070264253848933534165813375 180683600334081536961872616366295619681 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-etou8220087-FRA, cache-fra-eddf8230039-FRA
last-modified
Thu, 14 Sep 2023 19:00:05 GMT
server
cloudinary
surrogate-reporting
width=300,height=169,bytes=10988,owidth=8192,oheight=5464,obytes=7565194
x-timer
S1694997204.048102,VS0,VE1
etag
"94aef6d1ff7e801f06617382294498b2"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
d76d62118d33a54ac96f7ee720ed36a571f0f037
static.ffx.io/images/$zoom_0.6202%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_35/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_0.6202%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_35/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/d76d62118d33a54ac96f7ee720ed36a571f0f037
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
4f405a6f2500b77db228fbc3562f99c4df9fa16da181f56780c9f0cb2d35c715

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 varnish, 1.1 varnish
age
19915
edge-cache-tag
421320500344684251305947605052858141443,190931539036217848916042614629780144895,5f5f4219172da4ec8104790896b11172
cache-tag
421320500344684251305947605052858141443,190931539036217848916042614629780144895,5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
content-disposition
inline; filename="d76d62118d33a54ac96f7ee720ed36a571f0f037.webp"
content-length
10298
x-cld-skey
421320500344684251305947605052858141443 190931539036217848916042614629780144895 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-eddf8230046-FRA, cache-fra-eddf8230039-FRA
last-modified
Sun, 17 Sep 2023 19:00:10 GMT
server
cloudinary
surrogate-reporting
width=300,height=169,bytes=10298,owidth=1708,oheight=1227,obytes=275450
x-timer
S1694997204.058244,VS0,VE1
etag
"074d781e67f33cf13b4eb0679e42d0a6"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
e87b785f27810a765e00ec85d07e2c1ffdff4763
static.ffx.io/images/$zoom_1%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_674%2C$y_0/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_1%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_674%2C$y_0/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/e87b785f27810a765e00ec85d07e2c1ffdff4763
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
47a235820d360ed8a2acf3fc06ecfad2c518818268ecc46844b73c841092900a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 varnish, 1.1 varnish
age
19915
edge-cache-tag
180707188677148211867262142829267126179,450941132944862912921409046197464731594,5f5f4219172da4ec8104790896b11172
cache-tag
180707188677148211867262142829267126179,450941132944862912921409046197464731594,5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
content-disposition
inline; filename="e87b785f27810a765e00ec85d07e2c1ffdff4763.webp"
content-length
7174
x-cld-skey
180707188677148211867262142829267126179 450941132944862912921409046197464731594 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-etou8220034-FRA, cache-fra-eddf8230039-FRA
last-modified
Sun, 17 Sep 2023 19:00:14 GMT
server
cloudinary
surrogate-reporting
width=300,height=169,bytes=7174,owidth=1920,oheight=1281,obytes=718347
x-timer
S1694997204.064706,VS0,VE1
etag
"0cd7c82f256dcc31d529f0e0a43b4f36"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
/
adservice.google.com/ddm/fls/i/dc_pre=CO--2dH0soEDFTIKogMd82wIqQ;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_conse... Frame 1418 		556 B
373 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CO--2dH0soEDFTIKogMd82wIqQ;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=4380897403320.9736;~oref=https://www.afr.com/
Requested by
Host: 12393262.fls.doubleclick.net
URL: https://12393262.fls.doubleclick.net/activityi;dc_pre=CO--2dH0soEDFTIKogMd82wIqQ;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=4380897403320.9736?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
7cec63d1a3b495c1d73a4b419be6ee77fec15aeef57533081716f4a8e262f126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12393262.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
303
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dc_pre=CL6b2NH0soEDFZMPogMd_-MLug;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-...
adservice.google.com/ddm/fls/i/ Frame DBB6 		759 B
424 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CL6b2NH0soEDFZMPogMd_-MLug;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Requested by
Host: 12281244.fls.doubleclick.net
URL: https://12281244.fls.doubleclick.net/activityi;dc_pre=CL6b2NH0soEDFZMPogMd_-MLug;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
f6afd81582d975378e4e80b24ce2267f3d7d9a89daa42d119de83bfb6c087940
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://12281244.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
354
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:23 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-7P81FZJZ1C&gtm=45je39d0&_p=1232498541&_gaz=1&cid=121274767.1694997204&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&dr=&sid=1694997203&sct=1&seg=0&dl=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&dt=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack&en=page_view&_fv=1&_nsi=1&_ss=1&ep.brand=afr&ep.update_date=2023-06-26T23%3A51%3A30.000Z&ep.published_date=2023-06-26T22%3A27%3A46.000Z&ep.author=Lucas%20Baird&ep.publishing_platform=WEB&ep.pageview_id=EA3AA8E7-27E4-4306-BE36-EDC717AC9817&ep.page_type=Article&ep.primary_category=Companies&ep.sub_category=financialservices&ep.authored_platform=authoring&ep.page_id=p5djph&ep.share_content_platform=undefined&ep.content_source=AFR&ep.page_tag=Medibank%20Private%20Limited%7CAustralian%20Prudential%20Regulation%20Authority%7CJ.P.%20Morgan%20Chase%20%26%20Co%7CCyber%20protection%7CClass%20action&ep.page_primary_tag=Cybersecurity%20(Editorial%20use)&ep.metered_content=non%20metered&ep.nielsen_app_id=P70F2B436-31E2-4369-A3CB-294DC350A880&ep.nielsen_asn=afr.com-brand%20only&ep.page_template=article&ep.responsive_screen_size=desktop&ep.page_url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&ep.page_name=APRA%20hits%20Medibank%20with%20250m%20punishment%20for%20breach&ep.page_load_time=undefined&ep.autorefresh=false&ep.days_since_published=undefined&ep.event_attribute=&ep.page_attribute=false&ep.commercial_sponsored_tag=&ep.commercial_type=&ep.commercial_sponsor=&ep.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.62%20Safari%2F537.36&ep.newsfeed=&up.membership_type=visitor&up.device_id=%225de0a6eb-1ff0-410c-8ded-5f6ca37af1b9%22&up.device_type=desktop
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7P81FZJZ1C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.34.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.afr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-7P81FZJZ1C&cid=121274767.1694997204&gtm=45je39d0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-7P81FZJZ1C&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.afr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-7P81FZJZ1C&cid=121274767.1694997204&gtm=45je39d0&aip=1&z=184337289
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
swg-button.css
news.google.com/swg/js/v1/ 		21 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/swg-button.css
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:15:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6456
x-xss-protection
0
last-modified
Wed, 26 Apr 2023 21:11:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
text/css
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 01:05:23 GMT
loader.svg
news.google.com/swg/js/v1/ 		0
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/js/v1/loader.svg
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
sffe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
232
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/news-frontend
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1049
x-xss-protection
0
last-modified
Mon, 16 Mar 2020 18:14:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="news-frontend"
vary
Accept-Encoding
report-to
{"group":"news-frontend","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/news-frontend"}]}
content-type
image/svg+xml
cache-control
public, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 01:19:31 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		249 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: adkit.9pub.io
URL: https://adkit.9pub.io/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 23:59:34 GMT
content-encoding
gzip
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
last-modified
Thu, 14 Sep 2023 19:03:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
2031
x-amz-server-side-encryption
AES256
etag
W/"c48a6ec54d501e77b70ec98cc7bfa1a9"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
bEDwWbtAnUzvIuOrsklUfxgAslw_GEZkahwHf8__Hul-Mkg8eYmO1A==
tag
btloader.com/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5196279419240448&upapi=true
Requested by
Host: adkit.9pub.io
URL: https://adkit.9pub.io/v1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.70.134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d239e70e2a09a1b7c2bd3a149872ce3c13bc5692e20954636b9a9417d5d24e69

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 17 Sep 2023 23:55:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
2133
etag
W/"a68d9fd3e70cfc3467cd889ed7df8375"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pNjMXfOpuBZKLijZqZd4M%2BXkeZpl6yBG%2B3Qv56VY5OOT4OopNK%2B9ocwExZT5AkyTKIedw9VNUYYBuvtEPY%2Ft%2F4V5IEU2zpNyj8H%2FDg87JQFtN4AMjHsB1ND56HZXDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
80857f4f98ef1970-FRA
article
news.google.com/swg/_/api/v1/publication/afr.com/ 		439 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/api/v1/publication/afr.com/article
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
ESF /
Resource Hash
7203b0a51ae0db14275057307bd77e61c548ac20be290083098d8fa210799a59
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
text/plain, application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientHttp/cspreport
content-encoding
gzip
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.afr.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
x-frame-options
SAMEORIGIN
expires
Mon, 01 Jan 1990 00:00:00 GMT
dest5.html
fairfaxau.demdex.net/ Frame B191 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fairfaxau.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.110.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-110-112.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-2-v050-0885b218e.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
TzK8yf5XT+U=
content-encoding
gzip
date
Mon, 18 Sep 2023 00:33:24 GMT
last-modified
Wed, 28 Jun 2023 13:20:51 GMT
vary
accept-encoding
id
fairfaxau.sc.omtrdc.net/ 		2 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fairfaxau.sc.omtrdc.net/id?d_visid_ver=1.8.0&d_fieldgroup=A&mcorgid=BEB5C8A15492DB600A4C98BC%40AdobeOrg&mid=41716848711419526542313180776473426114&ts=1694997203767
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.22 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ip-63-140-62-22.data.adobedc.net
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 18 Sep 2023 00:33:23 GMT
x-content-type-options
nosniff
server
jag
vary
Origin
content-type
application/x-javascript;charset=utf-8
access-control-allow-origin
https://www.afr.com
p3p
CP="This is not a P3P policy"
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-length
2
x-xss-protection
1; mode=block
event
nd.demdex.net/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://nd.demdex.net/event?_ts=1694997203595
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.121.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-121-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ceb7e7451d515842d0296cf388a7e606247a35a3f3db7a7b2b66c1912e311ab6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v050-07c809c40.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
lefWlYvlQxM=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.afr.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
671
Expires
Thu, 01 Jan 1970 00:00:00 UTC
moatheader.js
z.moatads.com/fairfaxheader492510264302/ 		248 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/fairfaxheader492510264302/moatheader.js
Requested by
Host: adkit.9pub.io
URL: https://adkit.9pub.io/v1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
735b036f29856a2e705597d1918e33a73d0009d8bd0e5cc50bcbddf4210346c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
content-encoding
gzip
last-modified
Wed, 13 Sep 2023 23:41:42 GMT
server
AmazonS3
x-amz-request-id
DSAHJNVEVG596AKW
etag
"af5cd5ab5eb90ad5c34dd11a61a261b4"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=19924
accept-ranges
bytes
content-length
88413
x-amz-id-2
3dKyA4nafL2ZXRoaEVoyIUqNynhlcZezOIsn7xrkiP760/yaBvoqszZfVncvBHF5gCgnPBQ0NjU=
pwt.js
ads.pubmatic.com/AdServer/js/pwt/158309/3891/ 		495 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/158309/3891/pwt.js
Requested by
Host: adkit.9pub.io
URL: https://adkit.9pub.io/v1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e9275a273f5b661b2e1c2ff639b074f4da97733020c642ae2d26c7ef3fb4d41e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
content-encoding
gzip
last-modified
Fri, 28 Apr 2023 00:45:03 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=31739
accept-ranges
bytes
content-length
129051
expires
Mon, 18 Sep 2023 09:22:23 GMT
channels.cgi
fairfaxmedia.gscontxt.net/main/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fairfaxmedia.gscontxt.net/main/channels.cgi?url=https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Requested by
Host: adkit.9pub.io
URL: https://adkit.9pub.io/v1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.47.190.59 Amsterdam, Netherlands, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
75dcf84f6ecb2cb56fef9043344d3478309d3e5727a7705072719dcc22babfd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Length
3192
Content-Type
application/javascript
v2tyfY4qGZ1PuKktCNpIp9UkAZT9bIEbMZHL8bVUtrAI8KCeg1sbqNXi-0qUYmJJy
teenytinyshirt.com/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://teenytinyshirt.com/v2tyfY4qGZ1PuKktCNpIp9UkAZT9bIEbMZHL8bVUtrAI8KCeg1sbqNXi-0qUYmJJy
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.134.78 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
78.134.111.34.bc.googleusercontent.com
Software
/
Resource Hash
697bf03507cb46ce624b80facfb229e0261d7aa5b26c7fe15000c7a754ad4c47
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Mon, 18 Sep 2023 00:33:24 GMT
x-datacenter
gce-europe-west1
etag
"fa551e851258455739f0fc9eed309dd1ee3784165451ba8f882175fe0396bf09"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-w5gn
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
998028631
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
b9f588f929821d986d93dc176638a54655da3456
static.ffx.io/images/$zoom_0.5519%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_97/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_0.5519%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_97/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/b9f588f929821d986d93dc176638a54655da3456
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
bf2a08730c912b41fecfa5d1f56af97d630c10c3ed286457fc68b3cb3533e7f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 varnish, 1.1 varnish
age
945292
edge-cache-tag
206047712142983499880844609206713707672,418459821579464331698741459056697689946,5f5f4219172da4ec8104790896b11172
cache-tag
206047712142983499880844609206713707672,418459821579464331698741459056697689946,5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
content-disposition
inline; filename="b9f588f929821d986d93dc176638a54655da3456.webp"
content-length
4542
x-cld-skey
206047712142983499880844609206713707672 418459821579464331698741459056697689946 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-eddf8230032-FRA, cache-fra-eddf8230039-FRA
last-modified
Fri, 21 Oct 2022 23:38:54 GMT
server
cloudinary
x-timer
S1694997204.303474,VS0,VE1
etag
"cce218a3206b8d2488113af4bb3a88e8"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
21e1a313566144941b6d239f741198fd27d7a2bd
static.ffx.io/images/$zoom_0.7334%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_194%2C$y_3/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_0.7334%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_194%2C$y_3/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/21e1a313566144941b6d239f741198fd27d7a2bd
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
7e940f7af0bda63a45fc21c7529c9be3b8834b5bcdaa3afaea07fe38fa876c9b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 varnish, 1.1 varnish
age
446832
edge-cache-tag
252662673506030573494558913429716473050,254770197496094143923130526412330093846,5f5f4219172da4ec8104790896b11172
cache-tag
252662673506030573494558913429716473050,254770197496094143923130526412330093846,5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
content-disposition
inline; filename="21e1a313566144941b6d239f741198fd27d7a2bd.webp"
content-length
2488
x-cld-skey
252662673506030573494558913429716473050 254770197496094143923130526412330093846 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-etou8220029-FRA, cache-fra-eddf8230039-FRA
last-modified
Tue, 28 Mar 2023 04:52:23 GMT
server
cloudinary
surrogate-reporting
width=140,height=79,owidth=2000,oheight=1737,obytes=378119
x-timer
S1694997204.316778,VS0,VE1
etag
"57d0b842dc0d07cb3c45f40194562f19"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
rp.gif
alb.reddit.com/ 		42 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1694997204022&id=t2_rkf9cnj5&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=0d62b62a-13a2-4df2-a53e-77c6f003e2b3&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
rp.gif
alb.reddit.com/ 		42 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://alb.reddit.com/rp.gif?ts=1694997204023&id=t2_w8pcd953&event=PageVisit&m.itemCount=undefined&m.value=&m.valueDecimal=undefined&m.currency=undefined&m.transactionId=&m.customEventName=&m.products=&m.conversionId=&uuid=0d62b62a-13a2-4df2-a53e-77c6f003e2b3&aaid=&em=&external_id=&idfa=&integration=gtm&opt_out=0&sh=1600&sw=1200&v=rdt_f5bd31b2
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.140 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 varnish
nel
{"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.3, "failure_fraction": 0.3}
server
Varnish
report-to
{"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}, {"group": "w3-reporting-csp", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-csp.reddit.com/reports" }]}
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
42
retry-after
0
10167837.json
s.yimg.com/wi/config/ 		2 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10167837.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:08:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
T1WDED85X550QWBC
age
1490
content-length
2
x-amz-id-2
gtS3ppZ6EWTe3acRkJQFZZHbZzUr89oKTFBsaZbLRubNzPzFOAOs+lT2r6er0tMg9dWCG9N8qJk=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
ATS
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public,max-age=3600
insight.old.min.js
snap.licdn.com/li.lms-analytics/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.21.20.141 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-21-20-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 28 Aug 2023 12:14:15 GMT
x-cdn
AKAM
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript;charset=utf-8
cache-control
max-age=25618
accept-ranges
bytes
content-length
4862
/
www.google.com/pagead/1p-user-list/AW-1006500043/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/AW-1006500043/?random=1694997203426&cv=11&fst=1694995200000&bg=ffffff&guid=ON&async=1&gtm=45He39d0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&frm=0&tiba=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack&fmt=3&is_vtc=1&random=1347798992&rmt_tld=0&ipr=y
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/AW-1006500043/ 		42 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/AW-1006500043/?random=1694997203426&cv=11&fst=1694995200000&bg=ffffff&guid=ON&async=1&gtm=45He39d0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&frm=0&tiba=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack&fmt=3&is_vtc=1&random=1347798992&rmt_tld=1&ipr=y
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1831268437115893
connect.facebook.net/signals/config/ 		491 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1831268437115893?v=2.9.127&r=stable&domain=www.afr.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams4.fbcdn.net
Software
/
Resource Hash
d16062bb21d4b09656cd191dcbdd707ae7236bf107a45a869e39145424743624
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 18 Sep 2023 00:33:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
zC9jUsdGsSSlSaxjNNEqGH68B39Oo75zBWGC5iz9cb77DcGw3RRMbbH/Y1PNX4e2npceLJhb/cykpj9K9Pbstg==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		242 B
544 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=afr.com&domain=afr.com&path=%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cc0ce9702ca4d0ef38cb0ca1e3376b29775e04ebf28b53f340943ab32c317d44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-cache-hits
0
date
Mon, 18 Sep 2023 00:33:24 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
186
x-served-by
cache-fra-eddf8230128-FRA
x-timer
S1694997204.427551,VS0,VE101
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sat, 16 Sep 2023 00:33:24 GMT
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=afr.com&p=%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&u=BOruJYDB5vhZDFlvXK&d=afr.com&g=42370&g0=companies%2Cfinancialservices%2CArticle&g1=Lucas%20Baird&g4=Article&n=1&f=00001&c=0&x=0&m=0&y=6620&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&b=1944&_s=%7B%22pageViewId%22%3A%22EA3AA8E7-27E4-4306-BE36-EDC717AC9817%22%7D&t=p9LVMcRfeqgli1NCe2IyoCssaOG&V=141&i=APRA%20hits%20Medibank%20with%20250m%20punishment%20for%20breach&tz=-120&_acct=anon&sn=1&sv=CAxGwxCRhQi3BVnEI-BzyaKEsuDLM&sd=1&im=067b0fff&_
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.220.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-210-220-158.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank...
6633783.fls.doubleclick.net/ddm/fls/r/ Frame 3B20
Redirect Chain
  • https://adservice.google.de/ddm/fls/i/dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ff...
  • https://6633783.fls.doubleclick.net/ddm/fls/r/dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompa...
850 B
442 B 		Document
General
Check archive.org
Download Go to
Full URL
https://6633783.fls.doubleclick.net/ddm/fls/r/dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
mil04s23-in-f6.1e100.net
Software
cafe /
Resource Hash
5eda828f570543dc23e19f4b8540bb1b6c3bda315e56cbec88a24b977177fdbf
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
335
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:24 GMT
expires
Mon, 18 Sep 2023 00:33:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:24 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://6633783.fls.doubleclick.net/ddm/fls/r/dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
serviceiframe
news.google.com/swg/ui/v1/ Frame A07C 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/ui/v1/serviceiframe?_=1694997204090&sut=Ab9pFDa6gR6y0aokdS65ppocRmQygjtySSWiHCDEwskPh7YfU%2BAkfCs2uN9PxNql5B39WI0Bx1o64GmmP99vMg3irG8SrJ2%2FgZcP7ArkTkT9YIfhTw%3D%3D&publicationId=afr.com
Requested by
Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
ESF /
Resource Hash
4b1b2fced533d7b2c231e1b31bb0423725b8b56f9d3ce144a163558674de05fb
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-Kirgpfpa1i4V5COitRptxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport script-src 'report-sample' 'nonce-Kirgpfpa1i4V5COitRptxw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Mon, 18 Sep 2023 00:33:24 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
dc_pre=CL6b2NH0soEDFZMPogMd_-MLug;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-...
adservice.google.de/ddm/fls/i/ Frame 06B7 		194 B
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CL6b2NH0soEDFZMPogMd_-MLug;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CL6b2NH0soEDFZMPogMd_-MLug;src=12281244;type=afr0;cat=allpa0;ord=2776316414006;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:24 GMT
expires
Mon, 18 Sep 2023 00:33:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
adservice.google.de/ddm/fls/i/dc_pre=CO--2dH0soEDFTIKogMd82wIqQ;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consen... Frame 41A6 		194 B
150 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CO--2dH0soEDFTIKogMd82wIqQ;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=4380897403320.9736;~oref=https://www.afr.com/
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CO--2dH0soEDFTIKogMd82wIqQ;src=12393262;type=afr0;cat=allpa0;u1=[URL];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=4380897403320.9736;~oref=https://www.afr.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:24 GMT
expires
Mon, 18 Sep 2023 00:33:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cx.cce.js
cdn.cxense.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.cce.js
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.213.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-213-4.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 00:33:25 GMT
Content-Encoding
gzip
Last-Modified
Wed, 02 Aug 2023 09:25:23 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6042
Expires
Mon, 18 Sep 2023 01:33:25 GMT
execute
c2-au.piano.io/xbuilder/experience/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2-au.piano.io/xbuilder/experience/execute?aid=lrJ8j3qepa
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.194.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18cf0bc8388a9d4e094982c58c577ba561f298b5dd386fb0653c90eb0db5ea09
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
alt-svc
h3=":443"; ma=86400
x-request-id
jc7jh5euyk
pragma
no-cache
server
cloudflare
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.afr.com
access-control-expose-headers
Composer-Request-Control-Policy
cache-control
no-cache, no-store
access-control-allow-credentials
true
cf-ray
80857f504c973630-FRA
glcfg510.js
cdn-gl.imrworldwide.com/novms/js/2/configs/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/configs/glcfg510.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/ggcmb510.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
yyf7HhdCwDxBOQXbO66Vi5Yeio5WrroD
content-encoding
gzip
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
date
Mon, 18 Sep 2023 00:31:38 GMT
last-modified
Wed, 06 Sep 2023 13:04:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
107
x-amz-server-side-encryption
AES256
etag
W/"931051f801612c3a0e2782961ac3d56c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
-_ywj2iz5YnqUOTbfk4-O-4VsmEawFyhOpTuFGJc0ZGY4pDlPGbw9Q==
token
cdn.linkedin.oribi.io/partner/3519914,9724/domain/afr.com/ 		36 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3519914,9724/domain/afr.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-123.fra2.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:06:22 GMT
content-encoding
gzip
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
1622
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=14192
x-amz-cf-id
uGp9H75djiBXKisYImzx6Qmy0w7VBdsUYYP7boZ5Lclebj3Xr6ZwWA==
collect
px.ads.linkedin.com/
Redirect Chain
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1694997204175&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-bre...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1694997204175&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-bre...
  • https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D9724%252C3519914%26time%3D1694997204175%26url%3Dhttps%253A%252F%252Fwww.afr.com%2...
  • https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1694997204175&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-bre...
0
395 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1694997204175&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&cookiesTest=true&liSync=true
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9A92411A1EE344679D8626720010BB32 Ref B: FRAEDGE1112 Ref C: 2023-09-18T00:33:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-type
application/javascript
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYFl0pR2LBsHEYosPlhtw==

Redirect headers

strict-transport-security
max-age=31536000
content-security-policy
default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-content-type-options
nosniff
date
Mon, 18 Sep 2023 00:33:25 GMT
linkedin-action
1
x-cache
CONFIG_NOCACHE
content-length
0
x-li-uuid
AAYFl0pP+FiCInqtFKyUQg==
pragma
no-cache
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: AEC5BAE8DBF0415096E69DD085160DE9 Ref B: FRAEDGE1112 Ref C: 2023-09-18T00:33:25Z
x-frame-options
sameorigin
x-li-fabric
prod-lva1
location
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=9724%2C3519914&time=1694997204175&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&cookiesTest=true&liSync=true
cache-control
no-cache, no-store
x-li-proto
http/2
expires
Thu, 01 Jan 1970 00:00:00 GMT
token
cdn.linkedin.oribi.io/partner/3519914,9724/domain/afr.com/ 		36 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3519914,9724/domain/afr.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-123.fra2.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:06:22 GMT
content-encoding
gzip
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
1622
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=14192
x-amz-cf-id
YaN-C6Sya3RYloH4aJAtOdQX_QNWDiA3wSAlVvJoKEzmF2VKb1fHBA==
token
cdn.linkedin.oribi.io/partner/3519914,9724/domain/afr.com/ 		36 B
374 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3519914,9724/domain/afr.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-123.fra2.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:06:22 GMT
content-encoding
gzip
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
1622
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=14192
x-amz-cf-id
0f_FA92INljelBBR-t5If5KEm3rbKrt4aGLfyAzt-UdN-AZxPMnIeQ==
token
cdn.linkedin.oribi.io/partner/3519914,9724/domain/afr.com/ 		36 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.linkedin.oribi.io/partner/3519914,9724/domain/afr.com/token
Requested by
Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-123.fra2.r.cloudfront.net
Software
/
Resource Hash
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept
*
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:06:22 GMT
content-encoding
gzip
via
1.1 34f50889bc574f1edeb41dd758962a5a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
1622
vary
accept-encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=14192
x-amz-cf-id
_RHyuq9uDseMKA8FjuenfMWddsKHQEZEb99m34rFux8V71kz81qnGA==
storageframe.html
secure-gl.imrworldwide.com/ Frame A957 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure-gl.imrworldwide.com/storageframe.html
Requested by
Host: secure-au.imrworldwide.com
URL: https://secure-au.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
access-control-allow-origin
*
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:24 GMT
etag
W/"64d4f907-2b27"
last-modified
Thu, 10 Aug 2023 14:49:43 GMT
server
nginx
vary
Accept-Encoding
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-id
DXCby5350Hiffg_4V26CugMyFEaX59Lna6G5PZ51Okbf-fmQTwR2sw==
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
ibs:dpid=358&dpuuid=8386155878032714811
dpm.demdex.net/ Frame B191
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
  • https://dpm.demdex.net/ibs:dpid=358&dpuuid=8386155878032714811
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8386155878032714811
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Server
34.253.121.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-121-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fairfaxau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-0a92a4994.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
bor9SZ9nQV0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
an-x-request-uuid
453fb243-34ac-4e5e-8830-aa4f5567aebd
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dpm.demdex.net/ibs:dpid=358&dpuuid=8386155878032714811
x-proxy-origin
176.115.236.197; 176.115.236.197; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
953970877989909
connect.facebook.net/signals/config/ 		489 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/953970877989909?v=2.9.127&r=stable&domain=www.afr.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.15 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-ams4.fbcdn.net
Software
/
Resource Hash
c8c2d32e217b202aa389a13dcf22b80f7975551e7ebc3b054ea3dd2bf51c16e8
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Mon, 18 Sep 2023 00:33:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
pragma
public
x-fb-debug
ZTnGkHLpG5mGOCkM/6kpeZ5BVC8sMwsa2mQsDw/npyQvk6njqsDXHC39FmBjmUcJg3gKVnYYlvxmgSyxwCUQGA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1831268437115893&ev=PageView&dl=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&rl=&if=false&ts=1694997204236&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=30&fbp=fb.1.1694997204232.1054567858&cs_est=true&it=1694997204065&coo=false&rqm=GET
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 18 Sep 2023 00:33:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
P70F2B436-31E2-4369-A3CB-294DC350A880.js
cdn-gl.imrworldwide.com/conf/ 		32 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/conf/P70F2B436-31E2-4369-A3CB-294DC350A880.js
Requested by
Host: secure-au.imrworldwide.com
URL: https://secure-au.imrworldwide.com/v60.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5486c43323e68c7619f291c9391f6d7bb7206fa7971df5e74bd0132d8c665d2c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
c1TZpivOunILGTBlAlgtdUcgN43u10ya
content-encoding
gzip
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
date
Sun, 17 Sep 2023 23:50:30 GMT
last-modified
Sat, 16 Sep 2023 05:17:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1
age
2575
x-amz-server-side-encryption
AES256
etag
W/"a2a778b2b0e9bf4112ee72032381a199"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400,s-maxage=86400
x-amz-cf-id
lOJsDzvhdlRSkoPMAp8l_VNzJBMhIEP_uTynXWMFXDrtAW8q5sBIdw==
ibs:dpid=470&dpuuid=4608482896472353189
dpm.demdex.net/ Frame B191
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
  • https://dpm.demdex.net/ibs:dpid=470&dpuuid=4608482896472353189
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4608482896472353189
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Server
34.253.121.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-121-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fairfaxau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-072458abe.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
467ABR/3Qo4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=470&dpuuid=4608482896472353189
pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
hit.gif
au-script.dotmetrics.net/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://au-script.dotmetrics.net/hit.gif?id=12879&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&dom=www.afr.com&r=1694997204249&pvs=1&pvid=dec719b4-5fbc-47cc-8497-1c6709b40a70&c=true&tzOffset=-120&doorUrl=http%3a%2f%2fau-script.dotmetrics.net%2fdoor.js%3fd%3dwww.afr.com%26t%3dcompanies
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-94.fra60.r.cloudfront.net
Software
Kestrel /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
dotmetrics-hit-status
01 OK
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA60-P1
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
image/gif
cache-control
no-cache
x-amz-cf-id
2kRlCgakZFpIxaJz2HWrXyTT7cmsXOzswS6BszU7rys2afXvug4kTQ==
hit.gif
rm-script.dotmetrics.net/ 		807 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rm-script.dotmetrics.net/hit.gif?id=12879&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&dom=www.afr.com&r=1694997204249&pvs=1&pvid=dec719b4-5fbc-47cc-8497-1c6709b40a70&c=true&tzOffset=-120
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-107.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 06:17:47 GMT
via
1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront)
last-modified
Tue, 18 Apr 2023 12:25:02 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
65738
x-amz-server-side-encryption
AES256
etag
"e4f758e6322c8f8abfa1f6eba71ee873"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=86400
accept-ranges
bytes
content-length
807
x-amz-cf-id
Nu27jCr9eZ30tD7iI3sYlVVjNHfKh68KF6BVgdboiIz-CWOjyGDluw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
date
Sun, 17 Sep 2023 05:06:35 GMT
x-amz-cf-pop
FRA2-C1
age
70010
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
4zXWb7qtXKp1dU-9LyPatnaxOHImEVECiGQfJQsp-i5OhWCPG1qgOA==
3a363040-6cd2-4f15-aaf2-25414542a5f0
config.aps.amazon-adsystem.com/configs/ 		537 B
803 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/3a363040-6cd2-4f15-aaf2-25414542a5f0
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
7cf5af3e86901f0074cf522e48625430e3848ba4c7e998d83168729ccb806edf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:14:45 GMT
via
1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
1119
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
LxAbijsxxB-NBu-tzWzPYvx6AeZyMXzWI0yq25HcBWU1ELyDwIvViQ==
config
c.amazon-adsystem.com/cdn/prod/ 		0
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.afr.com&pubid=3a363040-6cd2-4f15-aaf2-25414542a5f0
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 21:46:25 GMT
via
1.1 0e7eb16f335fe24acf3f13c5dee19c88.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
10018
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.afr.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
WeUAdjQUqutmr-PnBjjRPZEt3_J8yNnWdPb-AVvgo4yFJ8gBSdAUoQ==
token
token.rubiconproject.com/ Frame B191 		0
720 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=41588886913637585192326544452486444539&gdpr=0&gdpr_consent=
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fairfaxau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v2
mb.moatads.com/yi/ 		445 B
625 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BE%24%3D!!tZ.qm.J2fxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-zkW3hkIJ33QxUrdGk7NYu%2BFfHV3eib89DkRB2436S0SxzRtAIyeo1MnKlpdMQlJdIBr9&rs=1-YuJ9Ql14YxN2gA%3D%3D&sc=1&os=1-GA%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJeRzBqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=cMJ2c%2CMCLR&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&pcode=fairfaxheader492510264302&rx=802032089874&callback=MoatNadoAllJsonpRequest_74071818
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/fairfaxheader492510264302/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.162.160.243 Slough, United Kingdom, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
de9e49d13a62d10642d41cefc00008df82a7098d1e575498c1e9ff5dca5ff030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
server
istio-envoy
etag
"4d63d91ae4acc4d534f94a9469d5b69f623ee972"
content-type
text/html; charset=UTF-8
cache-control
max-age=900
x-envoy-upstream-service-time
16
timing-allow-origin
*
content-length
445
iframe.html
z.moatads.com/hd09824092/ Frame 05DB 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/hd09824092/iframe.html
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/fairfaxheader492510264302/moatheader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=335
content-length
1374
content-type
text/html
date
Mon, 18 Sep 2023 00:33:24 GMT
etag
"4a9cbc2e5bc164313dace42a58bef141"
last-modified
Tue, 26 Jan 2021 22:41:39 GMT
server
AmazonS3
unused62
8096267
x-amz-id-2
kMqKG6+qmzJu4FYdts3EyONJG4UGmTPYMNEykM1bgg4NpJWrHxutfxTWjpEMy8YEIgrvNY0LVUE=
x-amz-request-id
630D574C7C0AA750
cspreport
news.google.com/swg/_/SubscribewithgoogleClientUi/ Frame A07C 		0
206 B 		Other
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/cspreport
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5lYqf0-4jZfBEW4i1z2DLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/swg/ui/v1/serviceiframe?_=1694997204090&sut=Ab9pFDa6gR6y0aokdS65ppocRmQygjtySSWiHCDEwskPh7YfU%2BAkfCs2uN9PxNql5B39WI0Bx1o64GmmP99vMg3irG8SrJ2%2FgZcP7ArkTkT9YIfhTw%3D%3D&publicationId=afr.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/csp-report

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
script-src 'report-sample' 'nonce-5lYqf0-4jZfBEW4i1z2DLQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com;report-uri /swg/_/SubscribewithgoogleClientUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=serviceiframeview,_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.gjuXE6Whk_8.L.B1.O/am=AMA0/d=1/ed=1/rs=ABXTjI4bPkBiNNqSzYRq96X43EwrCEEU7g/ Frame A07C 		745 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/ss/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.gjuXE6Whk_8.L.B1.O/am=AMA0/d=1/ed=1/rs=ABXTjI4bPkBiNNqSzYRq96X43EwrCEEU7g/m=serviceiframeview,_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1694997204090&sut=Ab9pFDa6gR6y0aokdS65ppocRmQygjtySSWiHCDEwskPh7YfU%2BAkfCs2uN9PxNql5B39WI0Bx1o64GmmP99vMg3irG8SrJ2%2FgZcP7ArkTkT9YIfhTw%3D%3D&publicationId=afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 16:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
461367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
400
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 02:51:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/css; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 16:23:57 GMT
m=_b,_tp
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTj... Frame A07C 		195 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Requested by
Host: news.google.com
URL: https://news.google.com/swg/ui/v1/serviceiframe?_=1694997204090&sut=Ab9pFDa6gR6y0aokdS65ppocRmQygjtySSWiHCDEwskPh7YfU%2BAkfCs2uN9PxNql5B39WI0Bx1o64GmmP99vMg3irG8SrJ2%2FgZcP7ArkTkT9YIfhTw%3D%3D&publicationId=afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
987c2265562d477bd70cbb53fb23e2b6565ce67adf9d2d42786402116110ec45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:09:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
458625
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70260
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 02:51:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 17:09:39 GMT
nlsSDK600.bundle.min.js
cdn-gl.imrworldwide.com/novms/js/2/ 		199 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/P70F2B436-31E2-4369-A3CB-294DC350A880.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-amz-version-id
Aabpvbg3ktgBmwIqp1b4kZ3V88L5QhMx
content-encoding
gzip
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
date
Sun, 17 Sep 2023 23:44:40 GMT
x-amz-cf-pop
FRA60-P1
age
2925
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 06 Sep 2023 13:04:53 GMT
server
AmazonS3
etag
W/"2be1fe7a43ef5ba626afab2ceddfc177"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
YVr8EJvOkaAfyoJUxpJcy6Lfdyxg7UTRQenJjJ8FcCUWoCwcuqjrng==
sp.pl
sp.analytics.yahoo.com/ 		43 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2018%20Sep%202023%2000%3A33%3A24%20GMT&n=-2d&b=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack&.yp=10167837&f=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&enc=UTF-8&yv=1.15.1&tagmgr=gtm
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Mon, 18 Sep 2023 00:33:24 GMT
script.js
au-script.dotmetrics.net/Scripts/ 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/Scripts/script.js?v=232
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/door.js?d=www.afr.com&t=companies
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-94.fra60.r.cloudfront.net
Software
Kestrel /
Resource Hash
437418fca3c9a4099c883f257c5fd32c14d79eced6ab73a70ffefa5dfe308651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
content-encoding
br
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
last-modified
Thu, 07 Sep 2023 13:36:02 GMT
server
Kestrel
x-amz-cf-pop
FRA60-P1
etag
"1d9e1903e3f9dff"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
accept-ranges
bytes
x-amz-cf-id
KOnL_JDhHJvBggLuYej7XUJEiDVjJ5adlxpuIAjsBdcsd21JrElQNw==
ibs:dpid=466&dpuuid=%s
dpm.demdex.net/ Frame B191
Redirect Chain
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=466%26dpuuid=PM_UID&userIdMacro=PM_UID
  • https://dpm.demdex.net/ibs:dpid=466&dpuuid=%s
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=466&dpuuid=%s
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Server
34.253.121.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-121-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fairfaxau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-096fd6b03.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
3U6C6imcT7M=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
300,104
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
server
nginx
etag
"615e720b-cde"
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=466&dpuuid=%s
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
expires
Mon, 18 Sep 2023 00:33:24 GMT
collect
www.google-analytics.com/j/ 		4 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1232498541&t=pageview&_s=1&dl=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&dp=%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&ul=en-us&de=UTF-8&dt=APRA%20hits%20Medibank%20with%20250m%20punishment%20for%20breach&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACACI~&jid=873356730&gjid=1319899438&cid=121274767.1694997204&tid=UA-91053368-8&_gid=1638449254.1694997204&_r=1&_slc=1&gtm=45He39d0n81NN4PPKH&cd1=afr&cd2=2023-06-26T23%3A51%3A30.000Z&cd3=2023-06-26T22%3A27%3A46.000Z&cd4=Lucas%20Baird&cd5=WEB&cd6=EA3AA8E7-27E4-4306-BE36-EDC717AC9817&cd7=Article&cd8=Companies&cd9=financialservices&cd10=authoring&cd11=p5djph&cd12=false&cd14=visitor&cd21=AFR&cd22=Medibank%20Private%20Limited%7CAustralian%20Prudential%20Regulation%20Authority%7CJ.P.%20Morgan%20Chase%20%26%20Co%7CCyber%20protection%7CClass%20action&cd23=Cybersecurity%20(Editorial%20use)&cd24=non%20metered&cd28=P70F2B436-31E2-4369-A3CB-294DC350A880&cd29=afr.com-brand%20only&cd30=article&cd33=%225de0a6eb-1ff0-410c-8ded-5f6ca37af1b9%22&cd38=&cd40=desktop&cd42=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&cd46=APRA%20hits%20Medibank%20with%20250m%20punishment%20for%20breach&cd56=visitor&cd57=false&cd60=&cd61=false&cd62=&cd63=&cd64=&cd65=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.62%20Safari%2F537.36&cd66=&z=1713609833
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.afr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
track_page_view
nova.collect.igodigital.com/c2/10510523/ 		43 B
682 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nova.collect.igodigital.com/c2/10510523/track_page_view?payload=%7B%22title%22%3A%22APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack%22%2C%22url%22%3A%22https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph%22%2C%22referrer%22%3A%22%22%2C%22user_info%22%3A%7B%7D%7D
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.234.106.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-234-106-202.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-runtime
0.062037
date
Mon, 18 Sep 2023 00:33:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/gif
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
x-xss-protection
1; mode=block
x-request-id
31aea091-b1c2-4ef3-a378-50071c92add5
/
p1.parsely.com/plogger/ 		43 B
257 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1694997204493&plid=23007098&idsite=afr.com&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22_pageviewID%22%3A%22BA7D0AF0-E81F-4234-A85C-DE5E6F44960F%22%2C%22memberType%22%3A%22Visitor%22%7D&sid=1&surl=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&sref=&sts=1694997204487&slts=0&title=APRA+hits+Medibank+Private+with+extra+%24250+million+capital+requirement+after+hack+attack&date=Mon+Sep+18+2023+02%3A33%3A24+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&js=1&pvid=96632370&u=pid%3D0c6fc75051d5fab95f2d12a695b8fd2f
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 00:33:24 GMT
Cache-Control
no-cache
Last-Modified
Monday, 18-Sep-2023 00:33:24 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230918
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158309/3891/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9baafe295a2c10f302c9cda8a96f98a2b73e6ead991a4663f4ae8014a6169df3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
30756
x-jsd-version
1.0.1815
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-yyz4573-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"639-wLzRmTE9cdnpXmWaSNWKceG5tUs"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e%2BuZNK4TcMHVCcR%2BHyGB%2Bt%2BnVwIZ15QGjjlgSaH1swm2PC4%2BNunb2miZtcHLsIN3QzKkpehemwiPkvcTQ7cGzWNXkGQ3bMItFpkwDuuxYSKgbf0muIEJ0nh1%2FKlKzarSU68%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
80857f527eed928d-FRA
ibs:dpid=771&dpuuid=CAESEGzJX395Bor6gk1MrQ1ekeQ&google_cver=1
dpm.demdex.net/ Frame B191
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NDE1ODg4ODY5MTM2Mzc1ODUxOTIzMjY1NDQ0NTI0ODY0NDQ1Mzk=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGzJX395Bor6gk1MrQ1ekeQ&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGzJX395Bor6gk1MrQ1ekeQ&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Server
34.253.121.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-121-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fairfaxau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-01d8b9ba0.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
kQ79WzDuRj0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGzJX395Bor6gk1MrQ1ekeQ&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=953970877989909&ev=PageView&dl=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&rl=&if=false&ts=1694997204522&cd[user.status]=visitor&cd[brand]=afr&cd[page.viewId]=D9F1AE88-1F6B-4E53-9C2C-EAD016745732&cd[page.type]=Article&cd[section.primaryCategory]=companies&cd[section.subCategory]=financialservices&cd[page.renderedPlatform]=WEB&cd[Container%20ID]=GTM-NN4PPKH&cd[page.name]=APRA%20hits%20Medibank%20with%20250m%20punishment%20for%20breach&cd[page.primaryTag]=Cybersecurity%20(Editorial%20use)&cd[page.author]=Lucas%20Baird&cd[page.fullPageLoad]=true&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.62%20Safari%2F537.36&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=30&fbp=fb.1.1694997204232.1054567858&cs_est=true&it=1694997204065&coo=false&rqm=GET
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 18 Sep 2023 00:33:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/ 		408 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 19:39:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
17636
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131633
x-xss-protection
0
server
cafe
etag
12671944107613252425
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Mon, 16 Sep 2024 19:39:28 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-91053368-8&cid=121274767.1694997204&jid=873356730&gjid=1319899438&_gid=1638449254.1694997204&_u=YCDACEAABAAAACACI~&z=566515127
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f154.1e100.net
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 18 Sep 2023 00:33:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.afr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?o=5196279419240448&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
425292
x-guploader-uploadid
ADPycds86VGkQvTN70_VFuS2NtjQ6HX8J5fMpsyc-NuzCY_wKYDsgJV661e5YshSsNBnUOz2dDMsMjzSdvSvX1Pfp_NGAQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GO%2BHwxTcCL6EULgv810DRzuMy1s2wmu1jIiTp99ef78qoTp23Xpzsgu%2BaOGXgenS%2BO3%2FZhrxp3vIBcLyfBLm9JG6qOU3jZGaefLOC87pig981NjAzALMyk5f1zMOxCA%2B8A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
80857f53bf4a373c-FRA
expires
Wed, 13 Sep 2023 03:21:47 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 08:50:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
56566
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 18 Sep 2023 08:50:38 GMT
px.gif
ad-delivery.net/ 		43 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.04985897455727817
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.69.19 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
425292
x-guploader-uploadid
ADPycds86VGkQvTN70_VFuS2NtjQ6HX8J5fMpsyc-NuzCY_wKYDsgJV661e5YshSsNBnUOz2dDMsMjzSdvSvX1Pfp_NGAQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D%2B%2FwNmuA86SsmVTmu66uZaD%2BCDco5ppZrouagUbIB7aJZAN5WAZKg7Ggm%2FAN75rXFk0ENPscT7ULDV3LStPQGxQQ8Bqq05dIjD2DGRTpbw%2FCJ%2FPzLYthKnTvJvYnu9WI5A%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
80857f53bf4c373c-FRA
expires
Wed, 13 Sep 2023 03:21:47 GMT
ls.html
cdn-gl.imrworldwide.com/novms/html/ Frame 2F6A 		12 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by
Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-65.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2235
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 17 Sep 2023 23:56:10 GMT
etag
W/"7fa83dfc7b78314b137e2eb13834daa7"
last-modified
Wed, 06 Sep 2023 13:04:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 06a27d66e25d02ebcfb014b9d194016a.cloudfront.net (CloudFront)
x-amz-cf-id
j9VVJZO4PPAYKvFt7qhHzjUCYy4F7U8vokVR14SyggYxj0w3guerBw==
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
CTbRZ.5UlARhD4XceMUpZU1V6DSHtB37
x-cache
Hit from cloudfront
ibs:dpid=782&dpuuid=ZQea1AALbjnM9gBT
dpm.demdex.net/ Frame B191
Redirect Chain
  • https://rtd.tubemogul.com/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
  • https://rtd-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D
  • https://rtd-tm.everesttech.net/ct/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D782%26dpuuid%3D%24%7BTM_USER_ID%7D&_test=ZQea1AALbjnM9gBT
  • https://dpm.demdex.net/ibs:dpid=782&dpuuid=ZQea1AALbjnM9gBT
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=782&dpuuid=ZQea1AALbjnM9gBT
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Server
34.253.121.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-121-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fairfaxau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-046032c28.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
JqBSobAhQaA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

x-served-by
cache-fra-eddf8230043-FRA
pragma
no-cache
date
Mon, 18 Sep 2023 00:33:25 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1694997205.045579,VS0,VE100
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://dpm.demdex.net/ibs:dpid=782&dpuuid=ZQea1AALbjnM9gBT
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
ibs:dpid=832&dpuuid=EUX4367884955724075217
dpm.demdex.net/ Frame B191
Redirect Chain
  • https://sync.adap.tv/demdex_user_sync
  • https://dpm.demdex.net/ibs:dpid=832&dpuuid=EUX4367884955724075217
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=832&dpuuid=EUX4367884955724075217
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Server
34.253.121.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-121-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fairfaxau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-0bfa98f39.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
CiIuLRk3RAQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
//dpm.demdex.net/ibs:dpid=832&dpuuid=EUX4367884955724075217
Server
ribs2.0
Connection
keep-alive
Content-Length
0
Content-Type
text/plain
m
secure-gl.imrworldwide.com/cgi-bin/
Redirect Chain
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1694997204634&ci=f2&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapr...
  • https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1694997204634&ci=f2&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapr...
44 B
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1694997204634&ci=f2&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&sr=1600x1200&id=lstrg-476c72fdf8e7d04369248b4b213d34cd&tz=2&ja=1
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Server
13.225.78.35 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-35.fra2.r.cloudfront.net
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
44
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
n9jVWCCzvkgeY2o7qDSpEYC3m5K7AH-5JOQZjFxoRVp_xXh7-6W_pA==
expires
Thu, 01 Dec 1994 16:00:00 GMT

Redirect headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 590590f04f79f692591f9db0e720a31c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
x-cache
Miss from cloudfront
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy
cross-origin
content-length
0
pragma
no-cache
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
location
https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1694997204634&ci=f2&js=1&cg=0&ts=v60.js&vn=6.0.108&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&sr=1600x1200&id=lstrg-476c72fdf8e7d04369248b4b213d34cd&tz=2&ja=1
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
-4rC3aXcCaFrgAMj3vDtL0T61PgKP1eCyVzy4akBGyhizLlKHxUoFw==
expires
Thu, 01 Dec 1994 16:00:00 GMT
ibs:dpid=23728&dpuuid=ZQea1FM-epu7ZJhQ4FVnlAAA%262180
dpm.demdex.net/ Frame B191
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZQea1FM-epu7ZJhQ4FVnlAAA%262180
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZQea1FM-epu7ZJhQ4FVnlAAA%262180
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Server
34.253.121.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-121-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fairfaxau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-072458abe.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
B3PwKfN4TNk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Usa9Ux0SUd5YoQ74BCohaS%2FSb3qRvr8GKRuChr%2BzzxDcmVx46a1%2FhdqzfqtyEIryOrokx1DrvRIXmd6eS6mQwNzJGlAOAmI%2Bptu5Ty6Lq74GyzPa4EuOLeCw%2BqpYMOjMS726mBHi"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZQea1FM-epu7ZJhQ4FVnlAAA%262180
cache-control
no-cache
cf-ray
80857f52fa2f9b45-FRA
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
auction
tlx.3lift.com/header/ 		19 B
569 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.18.0&referrer=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&tmax=1450
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158309/3891/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.156.100.108 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-100-108.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
accept-ch
sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme
x-auction-status
5, 5, 5
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.afr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		519 B
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21460&site_id=369102&zone_id=2011208%3B2011208%3B2011202&size_id=2%3B2%3B15&alt_size_ids=57%3B57%3B9%2C10&rf=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&tg_i.pbadslot=adspot-970x250_728x90-pos1-desktop%3Badspot-970x250_728x90-pos2-desktop%3Badspot-300x600_300x250_160x600-pos3-desktop&tk_flint=pbjs_lite_v6.18.0&x_source.tid=3a9c56cd-0830-4f93-84ef-90f6791606b3%3B304b5df8-d3a0-4dfb-bc2d-fc518875559a%3B9c1f03ec-25df-4128-b63b-8a9debea9095&l_pb_bid_id=644f52d291e2d2%3B7d4d0f624ce104%3B879b419d32315f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.8270162842163868
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158309/3891/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.19.162.41 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
90c4934897a20a6b6f49bbbfb64eb9fac2d477a2e375ee78e70e6a6bb8194c63

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:25 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.afr.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
519
expires
Wed, 17 Sep 1975 21:32:10 GMT
translator
hbopenbid.pubmatic.com/ 		0
110 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=ow-client
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158309/3891/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.afr.com
date
Mon, 18 Sep 2023 00:33:23 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		37 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=654164&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2213903d684916bae%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2214da85a6eb2d442%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22654164%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22654164%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22156e55d249da73%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22654164%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22654164%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22161de6bb526d2b%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22654158%22%2C%22sid%22%3A%22300x600%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22654158%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A160%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22654158%22%2C%22sid%22%3A%22160x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%7D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158309/3891/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60c47b9290bfb66460eec2c0b3cfe14fed2704553f8b93fae74044a2737ae541

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IrnFFKix%2FCQrlCO1lU5ACLXLyiRAvF7ak0JhDfUqyRiYWcXCP6MbANNOp0bHBwbpKYK4spaXL2NmKgWvALGhPGnCfc8zQcSVm2MuPontQsXJ75zAdHaagvLTB0GQSYbXHnPuzuGk"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.afr.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
80857f521d371c3e-FRA
alt-svc
h3=":443"; ma=86400
content-length
37
expires
0
prebid
ads.playground.xyz/host-config/ 		0
334 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/host-config/prebid?v=2
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158309/3891/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.afr.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
f4790944-4643-4283-b19b-7c1cfd8d29ee
prebid
ib.adnxs.com/ut/v3/ 		379 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158309/3891/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
c4f05c6325c565802a79411546b7d671abca2432db9a18e27f8b94b634ee02f7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
an-x-request-uuid
1989a165-63ca-405f-98d6-c8bb894fdc11
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.afr.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
176.115.236.197; 176.115.236.197; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
379
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gn
secure-dcr.imrworldwide.com/cgi-bin/ Frame 2F6A 		44 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,P70F2B436-31E2-4369-A3CB-294DC350A880&sessionId=ramqgrikhxntouhb6dnnciyrg9ltu1694997204&c16=sdkv,bj.6.0.0&uoo=&fp_id=m2xk7ctvjytujodq5nxcbchvze9xl1694997204&fp_cr_tm=1694997204558&fp_acc_tm=1694997204558&fp_emm_tm=1694997204558&ve_id=&c30=bldv,6.0.0.673&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=&retry=0
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.4.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-4-25.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
/
ramqgrikhxntouhb6dnnciyrg9ltu1694997204.nuid.imrworldwide.com/ Frame 2F6A 		35 B
349 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ramqgrikhxntouhb6dnnciyrg9ltu1694997204.nuid.imrworldwide.com/
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-78.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn-gl.imrworldwide.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 02:48:55 GMT
via
1.1 0afa2d721972ae312ad1dd54e47c43ca.cloudfront.net (CloudFront)
last-modified
Tue, 11 Sep 2018 17:05:20 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
age
78271
etag
"c2196de8ba412c60c22ab491af7b1409"
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
35
x-amz-cf-id
s1nSCsBl4M2kriy1WTertOOnaA01TGz1sLKz0qRymP7MyEV-_QLh4g==
conversion.js
www.googleadservices.com/pagead/ Frame 3B20 		49 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: 6633783.fls.doubleclick.net
URL: https://6633783.fls.doubleclick.net/ddm/fls/r/dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
e79508a44168446bbd6e0196cf4203b09afad0267cb80da5958172c1ff85c50f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6633783.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18494
x-xss-protection
0
server
cafe
etag
5879359867132392387
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 18 Sep 2023 00:33:24 GMT
ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame B191
Redirect Chain
  • https://ps.eyeota.net/match?bid=6j5b2cv&uid=41588886913637585192326544452486444539&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
  • https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
42 B
960 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Server
34.253.121.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-121-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fairfaxau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-02fed42b9.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
1QszK6WaSG4=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error
104,303
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date
Mon, 18 Sep 2023 00:33:24 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"
ibs:dpid=30646
dpm.demdex.net/ Frame B191
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=41588886913637585192326544452486444539&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=41588886913637585192326544452486444539&gdpr=0&gdpr_consent=
  • https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-EsDGMtNE2pFb_8wNtptlbJD4qtMtdTXiz1U-~A
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-EsDGMtNE2pFb_8wNtptlbJD4qtMtdTXiz1U-~A
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Server
34.253.121.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-121-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://fairfaxau.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-0fc891792.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/u0lp5pQRTk=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-EsDGMtNE2pFb_8wNtptlbJD4qtMtdTXiz1U-~A
date
Mon, 18 Sep 2023 00:33:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
l.ffx.io/ 		2 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.ffx.io/
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.66.82.44 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-82-44.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json

Response headers

Date
Mon, 18 Sep 2023 00:33:25 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length
2
/
l.ffx.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://l.ffx.io/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.66.82.44 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-66-82-44.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.afr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Access-Control-Allow-Methods
GET, PUT, POST, DELETE, PATCH, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
1728000
Connection
keep-alive
Content-Length
0
Date
Mon, 18 Sep 2023 00:33:24 GMT
/
www.facebook.com/tr/ Frame 0E11 		0
200 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.afr.com
Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.afr.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:24 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
d3de268037ee03ff108b60c71293dbb42d287944
static.ffx.io/images/$zoom_0.4248%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_407%2C$y_171/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_0.4248%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_407%2C$y_171/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/d3de268037ee03ff108b60c71293dbb42d287944
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
f15a785fb9d43f0c100a47e792bc3fa28a6777003288ec972015370e113cd3ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 varnish, 1.1 varnish
age
2090011
edge-cache-tag
313442319482079096371852316494770778807,496698266649328955626532447349484955612,5f5f4219172da4ec8104790896b11172
cache-tag
313442319482079096371852316494770778807,496698266649328955626532447349484955612,5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
content-disposition
inline; filename="d3de268037ee03ff108b60c71293dbb42d287944.webp"
content-length
7252
x-cld-skey
313442319482079096371852316494770778807 496698266649328955626532447349484955612 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-etou8220038-FRA, cache-fra-eddf8230039-FRA
last-modified
Thu, 24 Aug 2023 19:58:51 GMT
server
cloudinary
x-timer
S1694997205.894286,VS0,VE0
etag
"4215d7f992e41d3f0388f0ac23ca436a"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2
77427c45234ee2aec56fb94daeab9f11b3752b6d
static.ffx.io/images/$zoom_0.2148%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_0/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_0.2148%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_0/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/77427c45234ee2aec56fb94daeab9f11b3752b6d
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
0d02fe973621da1d3469bed7ada2ec623f43200ea16a50f4d1d6966c7b9ee106

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 varnish, 1.1 varnish
age
279034
edge-cache-tag
231779759973070264253848933534165813375,180683600334081536961872616366295619681,5f5f4219172da4ec8104790896b11172
cache-tag
231779759973070264253848933534165813375,180683600334081536961872616366295619681,5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
content-disposition
inline; filename="77427c45234ee2aec56fb94daeab9f11b3752b6d.webp"
content-length
10988
x-cld-skey
231779759973070264253848933534165813375 180683600334081536961872616366295619681 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-etou8220087-FRA, cache-fra-eddf8230039-FRA
last-modified
Thu, 14 Sep 2023 19:00:05 GMT
server
cloudinary
surrogate-reporting
width=300,height=169,bytes=10988,owidth=8192,oheight=5464,obytes=7565194
x-timer
S1694997205.898055,VS0,VE0
etag
"94aef6d1ff7e801f06617382294498b2"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2
d76d62118d33a54ac96f7ee720ed36a571f0f037
static.ffx.io/images/$zoom_0.6202%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_35/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_0.6202%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_35/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/d76d62118d33a54ac96f7ee720ed36a571f0f037
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
4f405a6f2500b77db228fbc3562f99c4df9fa16da181f56780c9f0cb2d35c715

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 varnish, 1.1 varnish
age
19916
edge-cache-tag
421320500344684251305947605052858141443,190931539036217848916042614629780144895,5f5f4219172da4ec8104790896b11172
cache-tag
421320500344684251305947605052858141443,190931539036217848916042614629780144895,5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
content-disposition
inline; filename="d76d62118d33a54ac96f7ee720ed36a571f0f037.webp"
content-length
10298
x-cld-skey
421320500344684251305947605052858141443 190931539036217848916042614629780144895 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-eddf8230046-FRA, cache-fra-eddf8230039-FRA
last-modified
Sun, 17 Sep 2023 19:00:10 GMT
server
cloudinary
surrogate-reporting
width=300,height=169,bytes=10298,owidth=1708,oheight=1227,obytes=275450
x-timer
S1694997205.898045,VS0,VE0
etag
"074d781e67f33cf13b4eb0679e42d0a6"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2
e87b785f27810a765e00ec85d07e2c1ffdff4763
static.ffx.io/images/$zoom_1%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_674%2C$y_0/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_1%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_674%2C$y_0/t_crop_custom/c_scale%2Cw_300%2Cq_88%2Cf_auto/e87b785f27810a765e00ec85d07e2c1ffdff4763
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
47a235820d360ed8a2acf3fc06ecfad2c518818268ecc46844b73c841092900a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 varnish, 1.1 varnish
age
19916
edge-cache-tag
180707188677148211867262142829267126179,450941132944862912921409046197464731594,5f5f4219172da4ec8104790896b11172
cache-tag
180707188677148211867262142829267126179,450941132944862912921409046197464731594,5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
content-disposition
inline; filename="e87b785f27810a765e00ec85d07e2c1ffdff4763.webp"
content-length
7174
x-cld-skey
180707188677148211867262142829267126179 450941132944862912921409046197464731594 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-etou8220034-FRA, cache-fra-eddf8230039-FRA
last-modified
Sun, 17 Sep 2023 19:00:14 GMT
server
cloudinary
surrogate-reporting
width=300,height=169,bytes=7174,owidth=1920,oheight=1281,obytes=718347
x-timer
S1694997205.905077,VS0,VE0
etag
"0cd7c82f256dcc31d529f0e0a43b4f36"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2
graphql
api.afr.com/ 		13 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.afr.com/graphql?query=query%20MostPopularQuery(%24assetType%3A%20String%2C%20%24brand%3A%20String!%2C%20%24count%3A%20Int%2C%20%24primaryCategory%3A%20String%2C%20%24subCategory%3A%20String%2C%20%24tags%3A%20%5BString!%5D)%20%7B%20mostPopularStories(%20assetType%3A%20%24assetType%20brand%3A%20%24brand%20category%3A%20%24primaryCategory%20count%3A%20%24count%20subCategory%3A%20%24subCategory%20tags%3A%20%24tags%20)%20%7B%20...AssetFragment%20%7D%20%7D%20fragment%20AssetFragment%20on%20Asset%20%7B%20asset%20%7B%20about%20byline%20duration%20headlines%20%7B%20headline%20%7D%20live%20%7D%20assetType%20dates%20%7B%20firstPublished%20modified%20published%20%7D%20id%20featuredImages%20%7B%20landscape16x9%20%7B%20...ImageFragment%20%7D%20landscape3x2%20%7B%20...ImageFragment%20%7D%20portrait2x3%20%7B%20...ImageFragment%20%7D%20square1x1%20%7B%20...ImageFragment%20%7D%20%7D%20label%20tags%20%7B%20primary%3A%20primaryTag%20%7B%20...AssetTag%20%7D%20secondary%20%7B%20...AssetTag%20%7D%20%7D%20urls%20%7B%20...AssetURLs%20%7D%20%7D%20fragment%20AssetTag%20on%20AssetTagDetails%20%7B%20...AssetTagAudience%20shortID%20slug%20%7D%20fragment%20AssetTagAudience%20on%20AssetTagDetails%20%7B%20company%20%7B%20exchangeCode%20stockCode%20%7D%20context%20displayName%20id%20name%20urls%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20%7D%20fragment%20AssetURLs%20on%20AssetURLs%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20fragment%20ImageFragment%20on%20Image%20%7B%20data%20%7B%20altText%20aspect%20autocrop%20caption%20cropWidth%20id%20offsetX%20offsetY%20zoom%20%7D%20%7D%20&operationName=MostPopularQuery&variables=%7B%22brand%22%3A%22afr%22%2C%22primaryCategory%22%3A%22companies%22%2C%22count%22%3A5%7D
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
880f8eddec058f571f7c6d778206ca2965c201591f3532bfb5d4de4de9ad80ec

Request headers

Accept
application/json, text/plain, */*, application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
50
x-cache
MISS, HIT, HIT
content-length
3213
x-served-by
cache-syd10151-SYD, cache-syd10151-SYD, cache-fra-eddf8230039-FRA
x-timer
S1694997154.259646,VS0,VE4
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.afr.com
cache-control
public, max-age=60
access-control-allow-credentials
true
x-varnish-grace
normal(limited)
accept-ranges
bytes
x-cache-hits
0, 6, 1
graphql
api.afr.com/ 		19 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.afr.com/graphql?query=query%20assetsConnectionByCriteria(%24after%3A%20ID%2C%20%24brand%3A%20Brand!%2C%20%24categories%3A%20%5BInt!%5D%2C%20%24first%3A%20Int!%2C%20%24render%3A%20Render!%2C%20%24types%3A%20%5BAssetType!%5D!)%20%7B%20assetsConnectionByCriteria(%20after%3A%20%24after%20brand%3A%20%24brand%20categories%3A%20%24categories%20first%3A%20%24first%20render%3A%20%24render%20types%3A%20%24types%20)%20%7B%20edges%20%7B%20cursor%20node%20%7B%20...AssetFragment%20sponsor%20%7B%20name%20%7D%20%7D%20%7D%20error%20%7B%20message%20type%20%7B%20class%20%7D%20%7D%20pageInfo%20%7B%20endCursor%20hasNextPage%20%7D%20%7D%20%7D%20fragment%20AssetFragment%20on%20Asset%20%7B%20asset%20%7B%20about%20byline%20duration%20headlines%20%7B%20headline%20%7D%20live%20%7D%20assetType%20dates%20%7B%20firstPublished%20modified%20published%20%7D%20id%20featuredImages%20%7B%20landscape16x9%20%7B%20...ImageFragment%20%7D%20landscape3x2%20%7B%20...ImageFragment%20%7D%20portrait2x3%20%7B%20...ImageFragment%20%7D%20square1x1%20%7B%20...ImageFragment%20%7D%20%7D%20label%20tags%20%7B%20primary%3A%20primaryTag%20%7B%20...AssetTag%20%7D%20secondary%20%7B%20...AssetTag%20%7D%20%7D%20urls%20%7B%20...AssetURLs%20%7D%20%7D%20fragment%20AssetTag%20on%20AssetTagDetails%20%7B%20...AssetTagAudience%20shortID%20slug%20%7D%20fragment%20AssetTagAudience%20on%20AssetTagDetails%20%7B%20company%20%7B%20exchangeCode%20stockCode%20%7D%20context%20displayName%20id%20name%20urls%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20%7D%20fragment%20AssetURLs%20on%20AssetURLs%20%7B%20canonical%20%7B%20brand%20path%20%7D%20published%20%7B%20afr%20%7B%20path%20%7D%20%7D%20%7D%20fragment%20ImageFragment%20on%20Image%20%7B%20data%20%7B%20altText%20aspect%20autocrop%20caption%20cropWidth%20id%20offsetX%20offsetY%20zoom%20%7D%20%7D%20&operationName=assetsConnectionByCriteria&variables=%7B%22brand%22%3A%22afr%22%2C%22categories%22%3A%5B88%5D%2C%22first%22%3A6%2C%22render%22%3A%22WEB%22%2C%22types%22%3A%5B%22article%22%2C%22liveArticle%22%2C%22featureArticle%22%5D%7D
Requested by
Host: www.afr.com
URL: https://www.afr.com/assets/vendors_client.3ccace26c3d0d20ea7f5.chunk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7eb3e82281d070809aabad8fdf1e439f052b836cf8b0471de65b627d5a956afd

Request headers

Accept
application/json, text/plain, */*, application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding
gzip
age
18
x-cache
MISS, HIT, HIT
content-length
4084
x-served-by
cache-syd10175-SYD, cache-syd10175-SYD, cache-fra-eddf8230039-FRA
x-timer
S1694997187.512691,VS0,VE41
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://www.afr.com
cache-control
public, max-age=30
access-control-allow-credentials
true
x-varnish-grace
none(fetch fresh)
accept-ranges
bytes
x-cache-hits
0, 2, 1
loadTemplateContext
buy-au.piano.io/api/v3/anon/template/ 		585 B
859 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy-au.piano.io/api/v3/anon/template/loadTemplateContext?aid=lrJ8j3qepa
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.194.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ffb8705ccd5aa6a208059cd0b7ddebf61f540aa4c41c104aa9b7059ec7d7e9d
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
x-request-id
Kp7o51sErbk
pragma
no-cache
wn
prod-au-dash-10-1-2-29
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
server-time
0.005
cache-control
no-cache, no-store, must-revalidate
cf-ray
80857f54abe34daa-FRA
expires
0
cacheableShow
buy-au.piano.io/checkout/template/ Frame 5A17 		27 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.194.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
817348cab66884df28c03e018348aa6033949b939be7de3f9d3b42695d41545c
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-methods
*
access-control-allow-origin
http://dashboard-au.piano.io
age
755
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=300
cf-cache-status
HIT
cf-ray
80857f52ae1c3630-FRA
content-encoding
br
content-type
text/html;charset=UTF-8
date
Mon, 18 Sep 2023 00:33:24 GMT
expires
Mon, 18 Sep 2023 00:38:24 GMT
last-modified
Mon, 18 Sep 2023 00:20:49 GMT
p3p
CP="NON DSP COR OUR IND"
pragma
server
cloudflare
server-time
0.002
strict-transport-security
max-age=86400; includeSubDomains
vary
accept-encoding
wn
prod-au-dash-10-1-3-53
x-forwarded-https
on
x-request-id
Kpmn51sDreY
x-xss-protection
0
tp2
i.ffx.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.168.46 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
46.168.110.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.afr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.afr.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 18 Sep 2023 00:33:24 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
fbab7be52cd5492786a7d44e24278a59
tp2
i-dev.ffx.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i-dev.ffx.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.80.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
153.80.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.afr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.afr.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 18 Sep 2023 00:33:25 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
98f304b79b7f0223a57f0a97932c9068
tp2
i.ffx.io/com.snowplowanalytics.snowplow/ 		2 B
166 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d2uhnetoehh304.cloudfront.net
URL: https://d2uhnetoehh304.cloudfront.net/2.18.2/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.168.46 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
46.168.110.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.afr.com
x-cloud-trace-context
261426a5762a5cdde2272c3d52ac0db9
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
tp2
i-dev.ffx.io/com.snowplowanalytics.snowplow/ 		2 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i-dev.ffx.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d2uhnetoehh304.cloudfront.net
URL: https://d2uhnetoehh304.cloudfront.net/2.18.2/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.80.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
153.80.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.afr.com
x-cloud-trace-context
f04c1a767a8fc0eb04fb8df9690bdfb3
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
ytc.js
s.yimg.com/wi/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.251 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e1-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:04 GMT
x-amz-version-id
xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding
gzip
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
EB5F0BPX2QR68KZX
age
21
x-amz-server-side-encryption
AES256
x-amz-id-2
PzLZgxkV4TfwO5Q1CDApAGZLvlg5xnd2tGKpDzxI18xE1OwcGTo5oEO/xdpxqepBylslS7BViLHkverfykj69wfGOpaKHBg8
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Mon, 26 Jun 2023 09:26:35 GMT
server
ATS
etag
"5c6ed25dce803fd84288922b8928409e-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 18:55:37 GMT
x-amz-server-side-encryption
AES256
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kiad7000092-IAD, cache-fra-eddf8230089-FRA

Redirect headers

Date
Mon, 18 Sep 2023 00:33:25 GMT
Server
ECS (amb/6BA6)
x-tw-cdn
VZ
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Location
https://static.ads-twitter.com/oct.js
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= ,x-tw-cdn;desc=VZ
Content-Length
0
collect
www.google-analytics.com/ 		35 B
132 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1232498541&t=event&ni=0&_s=2&dl=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&dp=%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&ul=en-us&de=UTF-8&dt=APRA%20hits%20Medibank%20with%20250m%20punishment%20for%20breach&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=piano&ea=activation&el=%23paywall-prompt-article-piano-id&ev=0&_u=aCDACEABBAAAACACI~&jid=&gjid=&cid=121274767.1694997204&tid=UA-91053368-8&_gid=1638449254.1694997204&gtm=45He39d0n81NN4PPKH&cd1=afr&cd2=2023-06-26T23%3A51%3A30.000Z&cd3=2023-06-26T22%3A27%3A46.000Z&cd4=Lucas%20Baird&cd5=WEB&cd6=EA3AA8E7-27E4-4306-BE36-EDC717AC9817&cd7=Article&cd8=Companies&cd9=financialservices&cd10=authoring&cd11=p5djph&cd12=false&cd14=visitor&cd15=GA1.2.121274767.1694997204&cd21=AFR&cd22=Medibank%20Private%20Limited%7CAustralian%20Prudential%20Regulation%20Authority%7CJ.P.%20Morgan%20Chase%20%26%20Co%7CCyber%20protection%7CClass%20action&cd23=Cybersecurity%20(Editorial%20use)&cd24=non%20metered&cd28=P70F2B436-31E2-4369-A3CB-294DC350A880&cd29=afr.com-brand%20only&cd30=article&cd33=%225de0a6eb-1ff0-410c-8ded-5f6ca37af1b9%22&cd34=41744988649025680772310364721195617473&cd38=&cd40=desktop&cd42=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&cd46=APRA%20hits%20Medibank%20with%20250m%20punishment%20for%20breach&cd56=visitor&cd57=false&cd60=&cd61=false&cd62=&cd63=&cd64=&cd65=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.62%20Safari%2F537.36&cd66=&z=1068769279
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Sep 2023 09:12:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55257
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
dc_pre=COnFr9L0soEDFf9GHgIdbDEBrA;src=6633783;type=afrpa0;cat=paywall;ord=7237171591133;auiddc=*;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2
adservice.google.com/ddm/fls/z/
Redirect Chain
  • https://ad.doubleclick.net/activity;src=6633783;type=afrpa0;cat=paywall;ord=7237171591133;auiddc=120844633.1694997203;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2?
  • https://ad.doubleclick.net/activity;dc_pre=COnFr9L0soEDFf9GHgIdbDEBrA;src=6633783;type=afrpa0;cat=paywall;ord=7237171591133;auiddc=120844633.1694997203;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap...
  • https://adservice.google.com/ddm/fls/z/dc_pre=COnFr9L0soEDFf9GHgIdbDEBrA;src=6633783;type=afrpa0;cat=paywall;ord=7237171591133;auiddc=*;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;ep...
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=COnFr9L0soEDFf9GHgIdbDEBrA;src=6633783;type=afrpa0;cat=paywall;ord=7237171591133;auiddc=*;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:25 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://adservice.google.com/ddm/fls/z/dc_pre=COnFr9L0soEDFf9GHgIdbDEBrA;src=6633783;type=afrpa0;cat=paywall;ord=7237171591133;auiddc=*;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sp.pl
sp.analytics.yahoo.com/ 		43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&b=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack&.yp=10167916&f=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&enc=UTF-8&yv=1.15.1&tagmgr=gtm
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Mon, 18 Sep 2023 00:33:24 GMT
collect
www.google-analytics.com/ 		35 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1232498541&t=event&ni=0&_s=3&dl=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&dp=%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&ul=en-us&de=UTF-8&dt=APRA%20hits%20Medibank%20with%20250m%20punishment%20for%20breach&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=meter&ea=meter%20impression&el=%23paywall-prompt-article-piano-id&ev=0&_u=aCDACEABBAAAACACI~&jid=&gjid=&cid=121274767.1694997204&tid=UA-91053368-8&_gid=1638449254.1694997204&gtm=45He39d0n81NN4PPKH&cd1=afr&cd2=2023-06-26T23%3A51%3A30.000Z&cd3=2023-06-26T22%3A27%3A46.000Z&cd4=Lucas%20Baird&cd5=WEB&cd6=EA3AA8E7-27E4-4306-BE36-EDC717AC9817&cd7=Article&cd8=Companies&cd9=financialservices&cd10=authoring&cd11=p5djph&cd12=false&cd14=visitor&cd15=GA1.2.121274767.1694997204&cd21=AFR&cd22=Medibank%20Private%20Limited%7CAustralian%20Prudential%20Regulation%20Authority%7CJ.P.%20Morgan%20Chase%20%26%20Co%7CCyber%20protection%7CClass%20action&cd23=Cybersecurity%20(Editorial%20use)&cd24=non%20metered&cd28=P70F2B436-31E2-4369-A3CB-294DC350A880&cd29=afr.com-brand%20only&cd30=article&cd33=%225de0a6eb-1ff0-410c-8ded-5f6ca37af1b9%22&cd34=41744988649025680772310364721195617473&cd38=&cd40=desktop&cd42=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&cd46=APRA%20hits%20Medibank%20with%20250m%20punishment%20for%20breach&cd56=visitor&cd57=false&cd60=&cd61=false&cd62=&cd63=&cd64=&cd65=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.62%20Safari%2F537.36&cd66=&z=543062381
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 17 Sep 2023 09:12:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
55257
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=yjvbku_728x90_
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.4 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-4.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 15 Jan 2023 02:16:03 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
age
21248243
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
ml5PDugQ49dXg7RHP_gA6xgzjEHpNBNradsOTcoylx0gOZ5t44xTHQ==
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-91053368-8&cid=121274767.1694997204&jid=873356730&_u=YCDACEAABAAAACACI~&z=99034837
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-91053368-8&cid=121274767.1694997204&jid=873356730&_u=YCDACEAABAAAACACI~&z=99034837
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:24 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
template.bundle.1.0.css
buy-au.piano.io/widget/dist/template/css/ Frame 5A17 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://buy-au.piano.io/widget/dist/template/css/template.bundle.1.0.css
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.194.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
361
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 10 Sep 2023 11:56:58 GMT
wn
prod-au-dash-10-1-3-53
server
cloudflare
etag
W/"26850-1694347018000"
vary
accept-encoding
content-type
text/css
server-time
0.001
cache-control
public, max-age=14400
cf-ray
80857f530e5c3630-FRA
expires
Mon, 18 Sep 2023 04:33:24 GMT
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/ Frame 5A17 		95 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy-au.piano.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2075690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
30323
last-modified
Thu, 22 Jun 2023 11:06:06 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942b1e-7673"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XZdhVvkqYQADId3ulqfCOQiY5XjKeANvHM61JK1pvnJvH7rt8c08L7fxCmBmMBXQDA5K2QAyYQjgT%2FVfaZV7ElkEhT%2Fgf%2BiFEp6D%2BwfCxAr5UnBdaQgSeXnxsyUFumnctvO1%2BDRZ"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80857f551d67382c-FRA
expires
Sat, 07 Sep 2024 00:33:25 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/ Frame 5A17 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/1.4.1/jquery-migrate.min.js
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy-au.piano.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5965619
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3550
last-modified
Mon, 04 May 2020 16:11:46 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec2-2748"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NC75Zdmw%2FGNWDH8KWG57vHNvA%2BWwuEgYlJWNBYdznNsi5kWVgp894CQ74QW2e9CkcEd466yBWUCKIJBeyljklCIc2DTTESWhRCvvrj%2FN9476p%2FbQv62Jnh5Yqw9uUD7eeCnd3o%2B%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80857f551d69382c-FRA
expires
Sat, 07 Sep 2024 00:33:25 GMT
angular.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5A17 		104 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular.min.js
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy-au.piano.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
8384928
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
35086
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-1a191"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OrrNtVvOztqo%2FLAnuBfC8PwVCMktXptoqTY5B1oE%2F8MecHdkqW6Lb6D6R%2Bqi58Wtguek6xHZjZLdAjKHx%2FIqJ3WjWAJzDAlC5xkbO0UG8WwBlD%2Bksg8brlgc14UpLt5Ym1EMWkaj"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80857f551d6a382c-FRA
expires
Sat, 07 Sep 2024 00:33:25 GMT
angular-animate.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5A17 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-animate.min.js
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy-au.piano.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
880904
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3978
last-modified
Thu, 22 Jun 2023 10:45:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942631-f8a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C7OW3ewG5vjpzZw40ZTrSba5HP13s0OLPdfPIofQezurwgsUt%2Fo%2F0lEhkDzHvDMDndceW8ucKzDsQvxImFuxmhf5u0FcLRKLPOdgvLXNYtGn21bpwAJjP85wI5nGXxd8p%2F0fXrXi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80857f551d6f382c-FRA
expires
Sat, 07 Sep 2024 00:33:25 GMT
angular-cookies.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5A17 		825 B
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-cookies.min.js
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy-au.piano.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2750312
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
434
last-modified
Thu, 22 Jun 2023 10:45:05 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942631-1b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RBVNaAWRB6oFMi%2Bqkh2KuN93Ts7hWh7Vxw9z6bo5J%2BZqxhd%2BMqsjHJ2%2BaMEaNSaqNzYb0FnJ6r8z61j19dalMSIkJ4CygVwksXiwNPt8e96nDtrU5K4H9Uhl8i5ZEbC3qgxzM43u"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80857f551d75382c-FRA
expires
Sat, 07 Sep 2024 00:33:25 GMT
angular-sanitize.min.js
cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/ Frame 5A17 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular.js/1.2.22/angular-sanitize.min.js
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy-au.piano.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5686880
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2171
last-modified
Mon, 04 May 2020 16:04:53 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d25-11cf"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bCva1jhCitDsHsvgaPWNFjaRZNP0kRU3BhsMAj0z5OdCXlSE7KdqJ8svwpQjzqngYtNomUGAFSlg1xh5tDMsx%2BlUXf8p9g9nHn73JriPy5e9Q6OhJdK9KcL35TvlZ7a8aW1nHzTU"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80857f551d74382c-FRA
expires
Sat, 07 Sep 2024 00:33:25 GMT
tmhDynamicLocale.min.js
cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/ Frame 5A17 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-dynamic-locale/0.1.27/tmhDynamicLocale.min.js
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy-au.piano.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
9524893
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
953
last-modified
Mon, 04 May 2020 16:04:43 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d1b-ad6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZGNcrHJnioN2psqksUA%2F0yEqdSrYeEDAe335rIbBA6uK4ewHe1LQbgO2NwrFBq%2FMT38iuGAwyER1nmrOW98tUmg6mjWhAQizRnLvRHwdjfJpPUP4ZvKWbUnlvdbhxBb6TI80aD18"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80857f551d70382c-FRA
expires
Sat, 07 Sep 2024 00:33:25 GMT
angular-ui-utils.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/ Frame 5A17 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-utils/0.1.1/angular-ui-utils.min.js
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy-au.piano.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12394242
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
7490
last-modified
Mon, 04 May 2020 16:04:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d24-5b33"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rYVMcPEHUmzwpmFRwYSyaoJxi48FuDqByyHKUaGUwj2otmsCVSKy46hICP47GdIjZR6sEuS8KLi5RB0uyLxRABYkXzGdgM88s%2Bc8EMAFmSGS7tzGVayhnQT%2FuLOFlPd25UDVuMb1"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80857f551d6c382c-FRA
expires
Sat, 07 Sep 2024 00:33:25 GMT
angular-ui-ieshiv.js
cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/ Frame 5A17 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui/0.4.0/angular-ui-ieshiv.js
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy-au.piano.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2573013
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
911
last-modified
Thu, 22 Jun 2023 10:45:04 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"64942630-38f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Z%2FVbGMcHpwMJxXCGjkUP9x%2FWoZyREcE9fXAAuR%2BACiADgDYTg9EsiSifsyyCF6J1%2BwynKjccW1q7wGs1HgtYQhcr340N3JZlVSx4Jzh%2BwyX0YhjBecYI39o15p5pBwIltBfCuJq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80857f551d6e382c-FRA
expires
Sat, 07 Sep 2024 00:33:25 GMT
angular-ui-router.min.js
cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/ Frame 5A17 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/angular-ui-router/0.2.10/angular-ui-router.min.js
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy-au.piano.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5192977
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
6935
last-modified
Thu, 22 Jun 2023 10:45:03 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"6494262f-1b17"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K3RqEzU54lHNVyRJM%2FqwPJpETYhO0aDZZDS6qtApkTNLHuPV3MxWC2Q4lqX05S7Wdmr3vrAID1bFTFX2nHy%2BpwHD0JRW0F3sZ%2BVg0mHTVWNNm9aCAGNhqRx5TcdFDW1rjoHxRiA3"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
80857f551d6d382c-FRA
expires
Sat, 07 Sep 2024 00:33:25 GMT
H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA
buy-au.piano.io/_sam/ Frame 5A17 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://buy-au.piano.io/_sam/H4sIAAAAAAAAAD3IwQ6AIAgA0B9KmJ76m4bJHI6oBa7f7-bt7eEnrXNgEw8Mvh6lYBy-DHVaU95QpTqS9an0pgwFSkHJu63T-yTlgy1Nh-E_BjVxNVoAAAA?compressed=true&v=15.269.0
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.194.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88af976ada95b76a78536361981757870be4148a869a17515646c381efc8fdc7
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:24 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
HIT
age
813
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 12 Sep 2023 23:49:44 GMT
wn
prod-au-dash-10-1-2-209
server
cloudflare
optimized-by
_sam
vary
Accept-Encoding
content-type
text/javascript
server-time
0.000
cache-control
public, max-age=603987
cf-ray
80857f530e5e3630-FRA
expires
Mon, 25 Sep 2023 00:19:51 GMT
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38814c5240d913c5270db8b8c3eae9f192489b2d2752b63c30562c4287f70015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/png
/
www.googleadservices.com/pagead/conversion/820867966/ Frame 3B20 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/820867966/?random=1694997205009&cv=9&fst=1694997205009&num=1&npa=1&label=ri7tCKuy44UYEP7mtYcD&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6633783.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKjl2NH0soEDFfUOogMd-EoGAw%3Bsrc%3D6633783%3Btype%3Dafral0%3Bcat%3Dau_af0%3Bord%3D9155367430304%3Bauiddc%3D120844633.1694997203%3Bu1%3Dhttps%253A%252F%252Fwww.afr.com%252Fcompanies%252Ffinancial-services%252Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph%3Bu7%3Dundefined%3Bu8%3Dcompanies%3Bu9%3DLucas%2520Baird%3Bu10%3DCybersecurity%2520(Editorial%2520use)%3Bu11%3Dvisitor%3Bu21%3DAPRA%2520hits%2520Medibank%2520Private%2520with%2520extra%2520%2524250%2520million%2520capital%2520requirement%2520after%2520hack%2520attack%3Bgtm%3D45He&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
cafe /
Resource Hash
9d56b0298b3dc0fab72c5cf8a678d7f609693eaad6d12bc08e9374d5b73900b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6633783.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1727
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=W93Wdc
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.gjuXE6Whk_8.L.B1... Frame A07C 		126 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.gjuXE6Whk_8.L.B1.O/am=AMA0/d=1/exm=_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5Wdr3A1GCgVNd574zBO1Wsf4VHqA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=W93Wdc
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
dc938f559635297b823b589a07cc4d100e23d822abdf7f6d2cfbd58c2a2d7b6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Thu, 14 Sep 2023 21:42:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43542
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 02:51:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Fri, 13 Sep 2024 21:42:53 GMT
m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.gjuXE6Whk_8.L.B1... Frame A07C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.gjuXE6Whk_8.L.B1.O/am=AMA0/d=1/exm=W93Wdc,_b,_tp/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5Wdr3A1GCgVNd574zBO1Wsf4VHqA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
cdb2d45484ccbd8b8afad0df13bded17e5703ed552705236345f179be5c487c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
458136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1835
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 02:51:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 17:17:49 GMT
add38197243a1797f54a8107c572681c241536eb
static.ffx.io/images/$zoom_1.0605%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_12/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_1.0605%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_12/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/add38197243a1797f54a8107c572681c241536eb
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d7d9f5027e5a9274a0818bb1e8df6d3a3ba857fc29f11e3a39dbbce80b5d501d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
via
1.1 varnish, 1.1 varnish
age
1094943
edge-cache-tag
476932135272764787079952462215374141447,280250531606028176824481641615157709679,5f5f4219172da4ec8104790896b11172
cache-tag
476932135272764787079952462215374141447,280250531606028176824481641615157709679,5f5f4219172da4ec8104790896b11172
x-cache
HIT, HIT
content-disposition
inline; filename="add38197243a1797f54a8107c572681c241536eb.webp"
content-length
3028
x-cld-skey
476932135272764787079952462215374141447 280250531606028176824481641615157709679 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-etou8220061-FRA, cache-fra-eddf8230039-FRA
last-modified
Fri, 17 Mar 2023 00:11:07 GMT
server
cloudinary
x-timer
S1694997205.051257,VS0,VE1
etag
"f66931ebb3f07172e134ca3f03d421b6"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
c8d90a3923196cdec437d06afb0ecde6a9b7efed
static.ffx.io/images/$zoom_0.1703%2C$multiply_4%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_15/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_0.1703%2C$multiply_4%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_15/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/c8d90a3923196cdec437d06afb0ecde6a9b7efed
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
b5b1c039ad2eb5186c6672002b75fa3ee53f358b418c712ad4c1ea086ef072ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
via
1.1 varnish, 1.1 varnish
age
18068
edge-cache-tag
314249210808367528987410123622666935209,366622666269099580123570633731324877347,5f5f4219172da4ec8104790896b11172
cache-tag
314249210808367528987410123622666935209,366622666269099580123570633731324877347,5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
content-disposition
inline; filename="c8d90a3923196cdec437d06afb0ecde6a9b7efed.webp"
content-length
7260
x-cld-skey
314249210808367528987410123622666935209 366622666269099580123570633731324877347 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-eddf8230048-FRA, cache-fra-eddf8230039-FRA
last-modified
Sun, 17 Sep 2023 10:56:22 GMT
server
cloudinary
surrogate-reporting
width=140,height=89,bytes=7260,owidth=5472,oheight=3648,obytes=14653046
x-timer
S1694997205.051778,VS0,VE1
etag
"034ee06c7017f9f54732f6b2680e9abd"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
e9e271500557ed88c4986594cb11c9a4cd353f66
static.ffx.io/images/$zoom_0.7926%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_110/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_0.7926%2C$multiply_2%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_110/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/e9e271500557ed88c4986594cb11c9a4cd353f66
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
d79f6c54248f5b42ccec7c4b7bcb0fc2428f5c6d313a12a39b2f197f1ba93ade

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
via
1.1 varnish, 1.1 varnish
age
85013
edge-cache-tag
238500074547903979820191581773773112463,343906857765453748290477889093101228511,5f5f4219172da4ec8104790896b11172
cache-tag
238500074547903979820191581773773112463,343906857765453748290477889093101228511,5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
content-disposition
inline; filename="e9e271500557ed88c4986594cb11c9a4cd353f66.webp"
content-length
4284
x-cld-skey
238500074547903979820191581773773112463 343906857765453748290477889093101228511 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-eddf8230036-FRA, cache-fra-eddf8230039-FRA
last-modified
Sun, 17 Sep 2023 00:28:19 GMT
server
cloudinary
surrogate-reporting
width=140,height=79,bytes=4284,owidth=1337,oheight=942,obytes=433975
x-timer
S1694997205.052546,VS0,VE1
etag
"9abeb8d18891d4944f18f2294b1c133e"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
f931f03e50927625b659455477d77f1e98fe88e0
static.ffx.io/images/$zoom_1%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_307/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_1%2C$multiply_1%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_307/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/f931f03e50927625b659455477d77f1e98fe88e0
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
df6d19e007b26d02fef81b82a982f7e4de5641f535b6b91a91df4134cafd2c9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
via
1.1 varnish, 1.1 varnish
age
48017
edge-cache-tag
373525293193750740813535743958908183048,210074257492485927017034196299003373320,5f5f4219172da4ec8104790896b11172
cache-tag
373525293193750740813535743958908183048,210074257492485927017034196299003373320,5f5f4219172da4ec8104790896b11172
x-cache
MISS, HIT
content-disposition
inline; filename="f931f03e50927625b659455477d77f1e98fe88e0.webp"
content-length
4506
x-cld-skey
373525293193750740813535743958908183048 210074257492485927017034196299003373320 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-etou8220104-FRA, cache-fra-eddf8230039-FRA
last-modified
Mon, 17 Oct 2022 00:06:09 GMT
server
cloudinary
surrogate-reporting
width=140,height=79,owidth=1280,oheight=911,obytes=730978
x-timer
S1694997205.063560,VS0,VE1
etag
"c7d93766c38dc8285e6009bb3e12a5f9"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1
74265062da191a906e25e74e088a684f8e108a91
static.ffx.io/images/$zoom_0.2383%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_172/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.ffx.io/images/$zoom_0.2383%2C$multiply_3%2C$ratio_1.777778%2C$width_1059%2C$x_0%2C$y_172/t_crop_custom/c_scale%2Cw_140%2Cq_88%2Cf_auto/74265062da191a906e25e74e088a684f8e108a91
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
4fc701d332d11127f33ab265d15e3ee79bef42c5cf16fd6547cb375acda2f47c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
via
1.1 varnish, 1.1 varnish
age
619151
edge-cache-tag
274001933978488049277307774853916509900,182887850477617308129658826188499931398,5f5f4219172da4ec8104790896b11172
cache-tag
274001933978488049277307774853916509900,182887850477617308129658826188499931398,5f5f4219172da4ec8104790896b11172
x-cache
HIT, HIT
content-disposition
inline; filename="74265062da191a906e25e74e088a684f8e108a91.webp"
content-length
4506
x-cld-skey
274001933978488049277307774853916509900 182887850477617308129658826188499931398 5f5f4219172da4ec8104790896b11172
x-served-by
cache-fra-etou8220056-FRA, cache-fra-eddf8230039-FRA
last-modified
Tue, 13 Sep 2022 06:34:34 GMT
server
cloudinary
x-timer
S1694997205.063553,VS0,VE1
etag
"a12ce5e0b5ab89856a249ee9aa081d41"
vary
User-Agent
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31557600
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1
/
www.facebook.com/tr/ Frame A7F2 		0
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.afr.com
Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.afr.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:25 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
/
www.google.de/pagead/1p-conversion/820867966/ Frame 3B20
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/820867966/?random=916217030&cv=9&fst=1694997205009&num=1&npa=1&label=ri7tCKuy44UYEP7mtYcD&guid=ON&resp=GooglemKTybQhCsO&eid=37560326...
  • https://www.google.com/pagead/1p-conversion/820867966/?random=916217030&cv=9&fst=1694997205009&num=1&npa=1&label=ri7tCKuy44UYEP7mtYcD&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C51224...
  • https://www.google.de/pagead/1p-conversion/820867966/?random=916217030&cv=9&fst=1694997205009&num=1&npa=1&label=ri7tCKuy44UYEP7mtYcD&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/820867966/?random=916217030&cv=9&fst=1694997205009&num=1&npa=1&label=ri7tCKuy44UYEP7mtYcD&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6633783.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKjl2NH0soEDFfUOogMd-EoGAw%3Bsrc%3D6633783%3Btype%3Dafral0%3Bcat%3Dau_af0%3Bord%3D9155367430304%3Bauiddc%3D120844633.1694997203%3Bu1%3Dhttps%253A%252F%252Fwww.afr.com%252Fcompanies%252Ffinancial-services%252Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph%3Bu7%3Dundefined%3Bu8%3Dcompanies%3Bu9%3DLucas%2520Baird%3Bu10%3DCybersecurity%2520(Editorial%2520use)%3Bu11%3Dvisitor%3Bu21%3DAPRA%2520hits%2520Medibank%2520Private%2520with%2520extra%2520%2524250%2520million%2520capital%2520requirement%2520after%2520hack%2520attack%3Bgtm%3D45He&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=IhMIpf2z0vSygQMVTMC7CB3q3wGv&is_vtc=1&ocp_id=1ZoHZeW-AcyA7_UP6r-H-Ao&cid=CAQSKQBpAlJWwrKu3Jc-SzgmMeBxQNNq1uu22CXzfR5r8muzIqGCQvoxcjt6&random=3733983322&resp=GooglemKTybQhCsO&ipr=y
Requested by
Host: 6633783.fls.doubleclick.net
URL: https://6633783.fls.doubleclick.net/ddm/fls/r/dc_pre=CKjl2NH0soEDFfUOogMd-EoGAw;src=6633783;type=afral0;cat=au_af0;ord=9155367430304;auiddc=120844633.1694997203;u1=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph;u7=undefined;u8=companies;u9=Lucas%20Baird;u10=Cybersecurity%20(Editorial%20use);u11=visitor;u21=APRA%20hits%20Medibank%20Private%20with%20extra%20%24250%20million%20capital%20requirement%20after%20hack%20attack;gtm=45He39d0;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Server
142.250.184.195 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://6633783.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:25 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.de/pagead/1p-conversion/820867966/?random=916217030&cv=9&fst=1694997205009&num=1&npa=1&label=ri7tCKuy44UYEP7mtYcD&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=2&url=https%3A%2F%2F6633783.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCKjl2NH0soEDFfUOogMd-EoGAw%3Bsrc%3D6633783%3Btype%3Dafral0%3Bcat%3Dau_af0%3Bord%3D9155367430304%3Bauiddc%3D120844633.1694997203%3Bu1%3Dhttps%253A%252F%252Fwww.afr.com%252Fcompanies%252Ffinancial-services%252Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph%3Bu7%3Dundefined%3Bu8%3Dcompanies%3Bu9%3DLucas%2520Baird%3Bu10%3DCybersecurity%2520(Editorial%2520use)%3Bu11%3Dvisitor%3Bu21%3DAPRA%2520hits%2520Medibank%2520Private%2520with%2520extra%2520%2524250%2520million%2520capital%2520requirement%2520after%2520hack%2520attack%3Bgtm%3D45He&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CKG4sQI&pscrd=IhMIpf2z0vSygQMVTMC7CB3q3wGv&is_vtc=1&ocp_id=1ZoHZeW-AcyA7_UP6r-H-Ao&cid=CAQSKQBpAlJWwrKu3Jc-SzgmMeBxQNNq1uu22CXzfR5r8muzIqGCQvoxcjt6&random=3733983322&resp=GooglemKTybQhCsO&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
m=LEikZe
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.gjuXE6Whk_8.L.B1... Frame A07C 		236 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.gjuXE6Whk_8.L.B1.O/am=AMA0/d=1/exm=FCpbqb,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5Wdr3A1GCgVNd574zBO1Wsf4VHqA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=LEikZe
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
458136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
160
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 02:51:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 17:17:49 GMT
m=bm51tf
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.gjuXE6Whk_8.L.B1... Frame A07C 		1 KB
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.gjuXE6Whk_8.L.B1.O/am=AMA0/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5Wdr3A1GCgVNd574zBO1Wsf4VHqA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=bm51tf
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
4d8eb08b64666df2b7ee524dc3bfbcec510924f671e4614700ab286c4f528937
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sat, 16 Sep 2023 06:01:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
720
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 02:51:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Sun, 15 Sep 2024 06:01:09 GMT
m=RqjULd
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.gjuXE6Whk_8.L.B1... Frame A07C 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.gjuXE6Whk_8.L.B1.O/am=AMA0/d=1/exm=FCpbqb,LEikZe,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5Wdr3A1GCgVNd574zBO1Wsf4VHqA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
91093a6e6b8ca5ac7fd23a1567462b54a58b08bd6ab1faa651ed7d2cad430960
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
458136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6411
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 02:51:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 17:17:49 GMT
batchexecute
news.google.com/swg/_/SubscribewithgoogleClientUi/data/ Frame A07C 		152 B
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://news.google.com/swg/_/SubscribewithgoogleClientUi/data/batchexecute?rpcids=SlvRf&source-path=%2Fswg%2Fui%2Fv1%2Fserviceiframe&f.sid=608167870522219420&bl=boq_subscribewithgoogleclientserver_20230911.08_p0&hl=de&soc-app=673&soc-platform=1&soc-device=1&_reqid=9206&rt=c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f14.1e100.net
Software
ESF /
Resource Hash
1c631ed061f5330a51a56ea8e76c364a031e2a3a999b8a6af0b6c1c630900210
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-Same-Domain
1
Referer
https://news.google.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /swg/_/SubscribewithgoogleClientUi/cspreport
content-encoding
gzip
cross-origin-resource-policy
same-site
content-disposition
attachment; filename="response.bin"; filename*=UTF-8''response.bin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.gjuXE6Whk_8.L.B1... Frame A07C 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/ck=boq-subscribewithgoogle.SubscribewithgoogleClientUi.gjuXE6Whk_8.L.B1.O/am=AMA0/d=1/exm=FCpbqb,LEikZe,RqjULd,W93Wdc,WhJNk,Wt6vjf,_b,_tp,bm51tf,hhhU8,ws9Tlc/excm=_b,_tp,serviceiframeview/ed=1/wt=2/ujg=1/rs=ABXTjI5Wdr3A1GCgVNd574zBO1Wsf4VHqA/ee=EVNhjf:pw70Gc;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:SdcwHb;Me32dd:MEeYgc;NPKaK:SdcwHb;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:QIhFr;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:s39S4;oGtAuc:sOXFj;pXdRYb:MdUzUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:O1Gjze;xqZiqf:wmnU7d;yxTchf:KUM7Z;zxnPse:GkRiKb/m=n73qwf,GkRiKb,e5qFLc,IZT63,UUJqVe,O1Gjze,O6y8ed,PrPYRd,MpJwZc,XVMNvd,L1AAkb,KUM7Z,s39S4,SdcwHb,aW3pY,pw70Gc,wmnU7d,xQtZb,QIhFr,hc6Ubd,SpsfSb,Z5uLle,MdUzUe,zbML3c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
7a1ddfd8ee7dbab825e8de08a275cf5a6312d81765337dcd59aef6e270de382e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://news.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Tue, 12 Sep 2023 17:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
458136
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/subscribewithgoogle-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37095
x-xss-protection
0
last-modified
Tue, 12 Sep 2023 02:51:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/subscribewithgoogle-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/subscribewithgoogle-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/subscribewithgoogle-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Wed, 11 Sep 2024 17:17:49 GMT
log
play.google.com/ Frame A07C 		131 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Sep 2023 00:33:26 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 18 Sep 2023 00:33:25 GMT
expires
Mon, 18 Sep 2023 00:33:25 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A07C 		131 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Sep 2023 00:33:26 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 18 Sep 2023 00:33:25 GMT
expires
Mon, 18 Sep 2023 00:33:25 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A07C 		131 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Sep 2023 00:33:26 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 18 Sep 2023 00:33:25 GMT
expires
Mon, 18 Sep 2023 00:33:25 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A07C 		131 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Sep 2023 00:33:26 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 18 Sep 2023 00:33:25 GMT
expires
Mon, 18 Sep 2023 00:33:25 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 18 Sep 2023 00:33:25 GMT
expires
Mon, 18 Sep 2023 00:33:25 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A07C 		131 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Sep 2023 00:33:26 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 18 Sep 2023 00:33:25 GMT
expires
Mon, 18 Sep 2023 00:33:25 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A07C 		131 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Sep 2023 00:33:26 GMT
log
play.google.com/ Frame A07C 		131 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Sep 2023 00:33:26 GMT
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 18 Sep 2023 00:33:25 GMT
expires
Mon, 18 Sep 2023 00:33:25 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://news.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://news.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/plain; charset=UTF-8
date
Mon, 18 Sep 2023 00:33:25 GMT
expires
Mon, 18 Sep 2023 00:33:25 GMT
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame A07C 		131 B
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-subscribewithgoogle/_/js/k=boq-subscribewithgoogle.SubscribewithgoogleClientUi.de.2k4C3Bq4xfw.es5.O/am=AMA0/d=1/excm=_b,_tp,serviceiframeview/ed=1/dg=0/wt=2/ujg=1/rs=ABXTjI4gANTgPlfgzyYndx2bWj1Q7KTwHw/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.206 Old Bridge, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f14.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://news.google.com/
X-Goog-AuthUser
0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
content-encoding
gzip
server
Playlog
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://news.google.com
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
X-Playlog-Web
content-length
131
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 18 Sep 2023 00:33:26 GMT
tp2
i.ffx.io/com.snowplowanalytics.snowplow/ 		2 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d2uhnetoehh304.cloudfront.net
URL: https://d2uhnetoehh304.cloudfront.net/2.18.2/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.168.46 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
46.168.110.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.afr.com
x-cloud-trace-context
18fd297f0bd79e66cb7a97d3b92dab2a
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
tp2
i.ffx.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.ffx.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.168.46 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
46.168.110.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.afr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.afr.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 18 Sep 2023 00:33:25 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
48bf7326dbf3d6182ff74a09ab2052fa
tp2
i-dev.ffx.io/com.snowplowanalytics.snowplow/ 		2 B
167 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i-dev.ffx.io/com.snowplowanalytics.snowplow/tp2
Requested by
Host: d2uhnetoehh304.cloudfront.net
URL: https://d2uhnetoehh304.cloudfront.net/2.18.2/sp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.80.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
153.80.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
via
1.1 google
server
Google Frontend
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.afr.com
x-cloud-trace-context
e88a4b8647cee7eb3382d3056a17c573
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
tp2
i-dev.ffx.io/com.snowplowanalytics.snowplow/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i-dev.ffx.io/com.snowplowanalytics.snowplow/tp2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.80.153 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
153.80.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.afr.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-allow-origin
https://www.afr.com
access-control-max-age
5
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html
date
Mon, 18 Sep 2023 00:33:25 GMT
server
Google Frontend
via
1.1 google
x-cloud-trace-context
726c87a8c7dbcacf57a51b527bb5291d
fail-icon.png
buy-au.piano.io/widget/dist/template/css/img/ Frame 5A17 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://buy-au.piano.io/widget/dist/template/css/img/fail-icon.png
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/widget/dist/template/css/template.bundle.1.0.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.194.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://buy-au.piano.io/widget/dist/template/css/template.bundle.1.0.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:25 GMT
strict-transport-security
max-age=86400; includeSubDomains
cf-cache-status
HIT
age
3663
p3p
CP="NON DSP COR OUR IND"
x-forwarded-https
on
alt-svc
h3=":443"; ma=86400
content-length
2177
last-modified
Tue, 12 Sep 2023 23:49:44 GMT
wn
prod-au-dash-10-1-3-53
server
cloudflare
etag
W/"2177-1694562584000"
vary
Accept-Encoding
content-type
image/png
server-time
0.000
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
80857f5588043630-FRA
expires
Mon, 18 Sep 2023 04:33:25 GMT
suecahd-bold-webfont.woff2
www.afr.com/fonts/ Frame 5A17 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/fonts/suecahd-bold-webfont.woff2
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f1b3c20947609880fa669248919d46ad2b26b995cd8f7e2f3d764dff3e47bdb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

Referer
https://buy-au.piano.io/
Origin
https://buy-au.piano.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 18 Sep 2023 00:33:25 GMT
age
86206
uber-trace-id
b2c2a4b172e0126e:b2c2a4b172e0126e:0:0
x-cache
MISS, HIT, HIT
content-length
22596
x-served-by
cache-syd10154-SYD, cache-syd10154-SYD, cache-fra-eddf8230094-FRA
last-modified
Fri, 15 Sep 2023 05:51:46 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694824598.642382,VS0,VE12
etag
W/"5844-18a97653150"
x-frame-options
sameorigin
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
https://buy-au.piano.io
cache-control
public, max-age=86400
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
vary
Origin
accept-ranges
bytes
x-cache-hits
0, 13, 1
suecanano-regular-webfont.woff2
www.afr.com/fonts/ Frame 5A17 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/fonts/suecanano-regular-webfont.woff2
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a44fb6a26732b7892f2802aee69fb0413ecd26b508b5c79720a48c485f4889ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

Referer
https://buy-au.piano.io/
Origin
https://buy-au.piano.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 18 Sep 2023 00:33:25 GMT
age
86202
uber-trace-id
edf8b0ab0092854d:edf8b0ab0092854d:0:0
x-cache
MISS, HIT, HIT
content-length
18020
x-served-by
cache-syd10175-SYD, cache-syd10175-SYD, cache-fra-eddf8230094-FRA
last-modified
Fri, 15 Sep 2023 05:51:46 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694824601.834536,VS0,VE9
etag
W/"4664-18a97653150"
x-frame-options
sameorigin
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
https://buy-au.piano.io
cache-control
public, max-age=86400
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
vary
Origin
accept-ranges
bytes
x-cache-hits
0, 13, 1
suecanano-semibold-webfont.woff2
www.afr.com/fonts/ Frame 5A17 		17 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.afr.com/fonts/suecanano-semibold-webfont.woff2
Requested by
Host: buy-au.piano.io
URL: https://buy-au.piano.io/checkout/template/cacheableShow?aid=lrJ8j3qepa&templateId=OT0HDHTPDWR3&templateVariantId=OTV638XP598ON&offerId=fakeOfferId&experienceId=EXLG5OTINJSN&iframeId=offer_39aae7c2a3dff289cee0-0&displayMode=inline&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&widget=template&url=https%3A%2F%2Fwww.afr.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
85b23ef2b5d148948a0e393c8af051177f818b7fb18cda003998916666caabee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin

Request headers

Referer
https://buy-au.piano.io/
Origin
https://buy-au.piano.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
via
1.1 varnish, 1.1 varnish, 1.1 varnish
date
Mon, 18 Sep 2023 00:33:25 GMT
age
22646
uber-trace-id
b57f0e6eacee2456:b57f0e6eacee2456:0:0
x-cache
MISS, HIT, HIT
content-length
17904
x-served-by
cache-syd10130-SYD, cache-syd10130-SYD, cache-fra-eddf8230094-FRA
last-modified
Fri, 15 Sep 2023 05:51:46 GMT
accept-ch
sec-ch-ua-model, sec-ch-ua-platform-version
x-timer
S1694801758.991426,VS0,VE12
etag
W/"45f0-18a97653150"
x-frame-options
sameorigin
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
https://buy-au.piano.io
cache-control
public, max-age=86400
x-varnish-grace
none
permissions-policy
ch-ua-model=*, ch-ua-platform-version=*
vary
Origin
accept-ranges
bytes
x-cache-hits
0, 4, 1
cx.js
cdn.cxense.com/ 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.cce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.213.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-213-4.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
06f3fd2f38c9a5cb102b6c407322b7deb9a618aa38ff2217ed3a7d9c19cc89e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 00:33:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Sep 2023 16:42:13 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36544
Expires
Mon, 18 Sep 2023 01:33:25 GMT
/
adc.nine.com.au/ 		89 B
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adc.nine.com.au/?aam_uuid=41744988649025680772310364721195617473
Requested by
Host: adc-js.nine.com.au
URL: https://adc-js.nine.com.au/adc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.55.162.157 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-55-162-157.ap-southeast-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
f55bd8206cc79207d7c5408949d9a425231382ada8b988dbbb3e5fa8cf490dc9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Accept
application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
strict-transport-security
max-age=2592000
server
awselb/2.0
vary
Origin
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://www.afr.com
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
access-control-allow-credentials
true
content-length
89
SiteEvent.dotmetrics
au-script.dotmetrics.net/ 		399 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://au-script.dotmetrics.net/SiteEvent.dotmetrics?v=eyJpZCI6MTI4NzksImZsIjp0cnVlLCJkb20iOiJ3d3cuYWZyLmNvbSIsImxzbyI6bnVsbCwidXJsIjoiaHR0cHM6Ly93d3cuYWZyLmNvbS9jb21wYW5pZXMvZmluYW5jaWFsLXNlcnZpY2VzL2FwcmEtaGl0cy1tZWRpYmFuay13aXRoLTI1MG0tcHVuaXNobWVudC1mb3ItYnJlYWNoLTIwMjMwNjI3LXA1ZGpwaCIsInJ1cmwiOiIiLCJwdmlkIjoiZGVjNzE5YjQtNWZiYy00N2NjLTg0OTctMWM2NzA5YjQwYTcwIiwidHpPZmZzZXQiOi0xMjAsIm9zcyI6dHJ1ZSwib3NlcyI6dHJ1ZX0%3D&r=1694997205550
Requested by
Host: au-script.dotmetrics.net
URL: https://au-script.dotmetrics.net/Scripts/script.js?v=232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-94.fra60.r.cloudfront.net
Software
Kestrel /
Resource Hash
1bc03d57c1b968a96bb1036039a0e01257c19a0c4fabddce9e22fc9459aa637d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
content-encoding
br
via
1.1 ed4565467c6c9847b6a3fcb6cec799e4.cloudfront.net (CloudFront)
server
Kestrel
x-amz-cf-pop
FRA60-P1
vary
Accept-Encoding
x-cache
Miss from cloudfront
p3p
policyref="https://au-script.dotmetrics.net/w3c/p3p.xml", CP="NOI DSP LAW CURa ADMa DEVa PSAa HISa OUR IND STA"
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
y9rQd0S4Rq4lrjyJbI4h2WiKA0BAzV9iV7cy9yEAt8CnsETXyWfkZA==
sp1.html
cdn.cxense.com/ Frame 57BB 		672 B
747 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/sp1.html
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.213.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-213-4.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Cache-Control
max-age=864000
Connection
keep-alive
Content-Encoding
gzip
Content-Length
377
Content-Type
text/html
Date
Mon, 18 Sep 2023 00:33:25 GMT
Expires
Thu, 28 Sep 2023 00:33:25 GMT
Last-Modified
Wed, 02 Aug 2023 12:14:52 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
503b5b4ff54d49e61a34cc9c928304549a6b0c0d2d8d
strangersponge.com/0/e8beabc6/ 		288 B
789 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://strangersponge.com/0/e8beabc6/503b5b4ff54d49e61a34cc9c928304549a6b0c0d2d8d
Requested by
Host: teenytinyshirt.com
URL: https://teenytinyshirt.com/v2tyfY4qGZ1PuKktCNpIp9UkAZT9bIEbMZHL8bVUtrAI8KCeg1sbqNXi-0qUYmJJy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.181.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.181.110.34.bc.googleusercontent.com
Software
/
Resource Hash
4a4c28fe60f687d2f08bc151c50e74e6fcbd7c1e0d8248007e6610b9966b08dc
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 18 Sep 2023 00:33:26 GMT
via
1.1 google
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
288
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.afr.com
x-hostname
fen-hoothoot-europe-west1-w5gn
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Mon, 18 Sep 2023 00:33:25 GMT
adsct
t.co/i/ 		43 B
117 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=4&eci=1&event_id=5ac0647b-9c33-4711-84a2-67990255e1d8&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=eeca733e-6963-4f30-82b7-5e52d532e7d5&tw_document_href=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6rsc&type=javascript&version=2.3.29
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-response-time
170
date
Mon, 18 Sep 2023 00:33:25 GMT
strict-transport-security
max-age=0
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
46b105640d0572c9
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
ed24dd2c38d176e8a9892e5d1cef0907208dbfcf01ba211948ce9d02062a4996
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
118 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=4&eci=1&event_id=5ac0647b-9c33-4711-84a2-67990255e1d8&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=eeca733e-6963-4f30-82b7-5e52d532e7d5&tw_document_href=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=o6rsc&type=javascript&version=2.3.29
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-response-time
169
date
Mon, 18 Sep 2023 00:33:25 GMT
strict-transport-security
max-age=631138519
server
tsa_f
content-type
image/gif;charset=utf-8
x-transaction-id
4179f70611301f4e
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
e3bcbca14be06aa52054ecdc68ee8d3695a37d619884726632179b0fd592c35f
content-length
43
cx.js
cdn.cxense.com/ Frame 57BB 		110 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cxense.com/cx.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.213.4 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-213-4.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
116f5371289b5d493bc6f6921ef995663397e1639750895951013e82d9ae7578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/sp1.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 00:33:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Sep 2023 16:42:13 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
36544
Expires
Mon, 18 Sep 2023 01:33:26 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 858A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158309/3891/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
823
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
80857f5a9e623657-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 18 Sep 2023 00:33:26 GMT
expires
Mon, 18 Sep 2023 04:33:26 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 87F3 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158309/3891/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
64659
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 18 Sep 2023 00:33:26 GMT
ETag
W/"623de86a-cf34"
Expires
Sat, 12 Aug 2023 06:34:33 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5289, 365109
X-Served-By
cache-lga13626-LGA, cache-fra-eddf8230025-FRA
X-Timer
S1694997206.188316,VS0,VE0
usync.html
eus.rubiconproject.com/ Frame 4A3C 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158309/3891/pwt.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 18 Sep 2023 00:33:26 GMT
ETag
"4014f-119-6051b805b8000"
Last-Modified
Mon, 11 Sep 2023 20:52:16 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A729 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158309/3891/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=85291
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 18 Sep 2023 00:33:26 GMT
expires
Tue, 19 Sep 2023 00:14:57 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync
eb2.3lift.com/ Frame E84A 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158309/3891/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 18 Sep 2023 00:33:26 GMT
usersync
ads.playground.xyz/
Redirect Chain
  • https://ib.adnxs.com/getuidnb?https://ads.playground.xyz/usersync?partner=appnexus&uid=$UID
  • https://ads.playground.xyz/usersync?partner=appnexus&uid=8386155878032714811
43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.playground.xyz/usersync?partner=appnexus&uid=8386155878032714811
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-request-id
7beca9a3-d789-45ab-a94a-09a1dbc39a3b

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
an-x-request-uuid
09e5d017-f59b-43f4-a9e2-98f9871abfb4
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.playground.xyz/usersync?partner=appnexus&uid=8386155878032714811
x-proxy-origin
176.115.236.197; 176.115.236.197; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame A729 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=38030430&p=158309&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
f581f95dda85779a86c872f49d394493b67e8f062b72f0e3a2ab9b42e717e272

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 18 Sep 2023 00:33:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ads
securepubads.g.doubleclick.net/gampad/ 		2 KB
762 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2291029211604058&correlator=252659873171250&eid=31077942&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&iu_parts=21671780509%2Cafr%2Ccompanies%2Cfinancialservices&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C728x90%2C970x250%7C728x90%2C300x600%7C300x250%7C160x600&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694997206224&lmt=1694990006&adxs=315%2C315%2C-9&adys=231%2C1248%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C1%7C-1&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&vis=1&psz=1600x138%7C1340x122%7C0x-1&msz=1600x90%7C1340x90%7C0x-1&fws=4%2C4%2C2&ohw=1600%2C1600%2C0&ga_vid=121274767.1694997204&ga_sid=1694997206&ga_hid=1232498541&ga_fc=true&dlt=1694997202848&idt=1763&prev_scp=pos%3D1%26foldposition%3Dabove%26src_ad_id%3Dadspot-970x250_728x90-pos1-desktop%7Cpos%3D2%26foldposition%3Dabove%26src_ad_id%3Dadspot-970x250_728x90-pos2-desktop%7Cpos%3D3%26foldposition%3Dabove%26src_ad_id%3Dadspot-300x600_300x250_160x600-pos3-desktop&cust_params=pageId%3Dp5djph%26pageviewid%3DBA7D0AF0-E81F-4234-A85C-DE5E6F44960F%26autoRefresh%3Dfalse%26csub%3Dvisitor%26layout%3Dblue%26cat%3Dcompanies%26cat1%3Dfinancialservices%26cat2%3Dcybersecurity%26tag%3Dcybersecurity%252Cmedibank-private%252Capra%252Cjp-morgan-chase%252Ccyber-protection%252Cclass-action%26ctype%3Darticle%26brms%3Dtrue%26brvs%3Dtrue%26deployEnv%3Dproduction%26swgt%3Dna%26adKitVersion%3D1.4.3%26sysEnv%3Ddesktop%26amznbid%3D0%26amznp%3D0%26m_data%3D0%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData%26gs_cat%3Dgv_safe%252Cjourno_finexpert%252Cnims_who_mattered%252Cneg_custom_brandsafety_westpac%252Cneg_toyota_brandsafety%252Ccustom_sustainability_business%252Cneg_apple_keywords%252Ccustom_gs_cfs%252Ccustom_gs_institutional_investors%252Cneg_custom_orangeskyaustralia%252Camex_master_kwbl%252Ccustom_fssa_financial_sector%252Cnims_all_things_summer%252Cneg_custom_deutschebank%252Cgs_predicts_insurance%252Cneg_cadbury100years_brandsafety%252Cnims_summer_reading%252Cgs_predicts_startups%252Cneg_custom_youtube%252Cwestpac_kwbl%252Cneg_ffx_anzbank_kwbl%252Cneg_cadbury_brandsafety_oa%252Cgb_safe%252Cgs_busfin%252Cmayohardware_thermalbodycameras%252Csustainable-investing%252Cneg_custom_norwegiancruiseline%252Ccustom_nab_2020%252Cneg_custom_tasman%252Ccustom_gs_vantagemarkets%252Cfinancial-planning%252Chousingmarket%252Cnims_inspirational_women%252Cbunnings_master_kwbl%252Cgs_predicts_businessandfinance%252Cneg_westpac_brandsaftey2020%252Cwestpac_brandsaftey%252Cardent_kwbl%252Cdreamworld_accident_kwbl%252Cneg_custom_bunnings%252Cneg_custom_celebrity_cruises%252Cneg_custom_fidelity%252Cgs_predicts_marketers%252Ccustom_gs_amazon_daisy_jones%252Cgt_mixed%252Cproductivity%252Cneg_custom_tiffanyandco_queen_death%252Cneg_queen_elizabeths_death%252Cinternet%252Ctechdevices%252Cneg_custom_nespresso%252Csemi_retired_workforce_predts%252Cneg_custom_homeworld%252Cneg_custom_melbourne_business_school%252Cneg_custom_hermes%252Chome_loans_predts%252Cfamily-entertainment%252Cbunnings_kwbl%252Cmicrosoft_master_kwbl%252Chbf_negative_kwbl%252Cfinancev2_kwbl%252Cffx_volkswagen_kw_blacklist%252Camex_kwbl%252Cbtfinancial_kwbl%252Ccommsec_negativekeywords%252Cgambling_kwbl%252Clandcorp_kwbl%252Cubank_kwbl%252Cgs_predicts_buyingahome%252Cgs_predicts_retail_industry%252Ccustom_ptarmigan_media%252Cfirsthomebuyers%252Cgs_finance%252Cneg_lego_custom%252Ccustom_business_insurance%252Cgs_busfin_business%252Cwoolworths_retail_vertical%252Cxero_competitors_predts%252Cgs_predicts_movers%252Cnims_arts_and_culture%252Cgs_business%252Csubaru_master_kwbl%252Cmicrosoft_kwbl%252Cpaypal_sme_predts%252Crexona_kwbl%252Cauto_kwbl%252Cbanking_kwbl%252Cford_kwbl%252Cneg_gb_gambling%252Coptus_kwbl%252Cgs_predicts_doyourowntaxes%252Cgs_predicts_realestateind%252Cgs_tech_compute%252Cstreaming%252Cneg_mcdonalds_kwbl%252Cgreat_southern_rail_kwbl%252Cgs_predicts_needinglegalcouncil%252Ccustom_gs_jemena%252Cgs_finance_insurance%252Cgs_busfin_economy%252Cgs_predicts_bussoftwarebuyers%252Cgs_predicts_charity%252Cgs_personalfin_insure%252Cnab_neg_kw%252Coyster_bay_master_kwbl%252Cyoutube_kwbl%252Cnesting_seg_example%252Cbupa_kwbl%252Chealthcare%252Cinsurance_health%252Cgs_predicts_software_industry%252Cneg_custom_mondelez%252Cneg_custom_mondelez2020%252Cchanging_careers_predts%252Cgs_predicts_newjob%252Cgs_predicts_cuttingedgetechenthusiasts%252Ctech_internet_security%252Cgs_predicts_dietfitness%252Cfxcm_kwbl%252Clogmein_meetings_predts%252Cgs_predicts_holidayshoppers%252Cgs_predicts_diningindelivery%252Cneg_custom_freestyle_libre%252Cneg_sabic_brandsafety%252Cnims_travel_and_experiences%252Cgs_predicts_girlsweekend%252Ciag_552192_blocked_words%252Csecondary_income_predts%252Ccustom_pridemonth%252Chealth-wellness%252Cneg_ninepub_covid19%252Cninepub_covid19%252Cgs_predicts_graduatedegree%252Cgs_predicts_moms_dads_grads%252Cgs_predicts_golden_week%252Cinfrastructure%252Ccustom_afr_fixed_income%252Cgs_predicts_findapro_taxseason%252Cgs_predicts_small_med_bus&adks=1032782211%2C2759024753%2C4181157633&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
lhr35s10-in-f2.1e100.net
Software
cafe /
Resource Hash
93c0e8684d4064f5f82746b394c5abe14c85f36889a5cfcba2d2d6ce631ea479
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
480
x-xss-protection
0
google-lineitem-id
-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.afr.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a1288a54e242ac80cc9429eac75a7cd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D54F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a1288a54e242ac80cc9429eac75a7cd5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:26 GMT
expires
Tue, 17 Sep 2024 00:33:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 4A3C 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
60de5b1e7cdbab68fcd0a8433cf1cac6e85895fc405d8550bd0142a4599340a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 00:33:26 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Sep 2023 10:48:18 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=36937
Connection
keep-alive
Content-Length
10521
Expires
Mon, 18 Sep 2023 10:49:03 GMT
p1.js
p1cluster.cxense.com/ Frame 57BB 		46 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://p1cluster.cxense.com/p1.js
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0038.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
85a83f5dd7e91e704612bb90f4cde11659978a75d7fd46aa32efa6618e28d9ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
last-modified
Sat, 18 Mar 2023 00:33:26 GMT
server
Jetty(9.4.28.v20200408)
etag
kptaq02ku0v81gj6c3bylctkp
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
text/javascript;charset=utf-8
cache-control
private, proxy-revalidate
content-length
46
expires
Wed, 18 Sep 2024 00:33:26 GMT
async_usersync
ib.adnxs.com/ Frame 87F3 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
an-x-request-uuid
e7730b89-8160-4cff-b5b5-5dacd9d0534e
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.236.197; 176.115.236.197; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4585 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.afr.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b98680b48e78c31e2d01074a7d0836baab5fa9c0f6c16976effbd7a95b7b39b6

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
80857f5b7a311c3e-FRA
content-encoding
br
content-type
text/html
date
Mon, 18 Sep 2023 00:33:26 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9oCP2276B7Ksly0vXGnJSLIA42sPilBWn34XKDUydeqE%2Bzh8QintwxpgeXUnjuGcYGzuoVm0JYVIJ8Zq5ELwJhVyIiuiDbt%2Flauw53nJ5XFvH14ZKbgRzfGqIr1JeJLx2FmU1JU01MAnyg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usersync.aspx
dis.criteo.com/dis/ Frame 450E 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:26 GMT
expires
Mon, 18 Sep 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
205364
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 01FB
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CDF5C54A-BB13-4947-92D2-11543465E1E7&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CDF5C54A-BB13-4947-92D2-11543465E1E7&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CDF5C54A-BB13-4947-92D2-11543465E1E7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 18 Sep 2023 00:33:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
NYD2X77PQEAYS1WWSX2R

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Mon, 18 Sep 2023 00:33:26 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=CDF5C54A-BB13-4947-92D2-11543465E1E7&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MRQ3W80A393ZKWR9BJD4
Pug
image2.pubmatic.com/AdServer/ Frame B025
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=i2d9SoQzKUuQM3xKhDdgRIllek2QMy4b22aNrhBx
42 B
416 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=i2d9SoQzKUuQM3xKhDdgRIllek2QMy4b22aNrhBx
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 18 Sep 2023 00:33:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 18 Sep 2023 00:33:26 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=i2d9SoQzKUuQM3xKhDdgRIllek2QMy4b22aNrhBx
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame 2949
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8386155878032714811&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8386155878032714811&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 18 Sep 2023 00:33:26 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
b50845cb-069c-40b6-8c84-d7495596e858
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 18 Sep 2023 00:33:26 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=8386155878032714811&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
176.115.236.197; 176.115.236.197; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A729
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=zfXFSrsTSUeS0hFUNGXh5w%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Server
184.30.16.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
content-encoding
gzip
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=85291
accept-ranges
bytes
content-length
5606
expires
Tue, 19 Sep 2023 00:14:57 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame A729 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CDF5C54A-BB13-4947-92D2-11543465E1E7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.182.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-182-246.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.30.124
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame A729
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2263123401
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=CDF5C54A-BB13-4947-92D2-11543465E1E7
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=CDF5C54A-BB13-4947-92D2-11543465E1E7
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
via
1.1 google
last-modified
Mon, 18 Sep 2023 00:33:26 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=CDF5C54A-BB13-4947-92D2-11543465E1E7
date
Mon, 18 Sep 2023 00:33:25 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame A729
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=CDF5C54A-BB13-4947-92D2-11543465E1E7
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MDlibzJWQUJsUkhSVENrM25MaVBuNFZvUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=6271803876878150225&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
HTTP/1.1
Server
54.211.118.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-118-49.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date
Mon, 18 Sep 2023 00:33:27 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 18 Sep 2023 00:33:26 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame A729
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=Q0RGNUM1NEEtQkIxMy00OTQ3LTkyRDItMTE1NDM0NjVFMUU3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 18 Sep 2023 00:33:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame A729
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENnNfKE0Og8N1k2f64dNqsg&google_cver=1
42 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENnNfKE0Og8N1k2f64dNqsg&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 18 Sep 2023 00:33:25 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESENnNfKE0Og8N1k2f64dNqsg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame A729 		43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 17 Sep 2023 00:33:26 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A729
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6271803876878150225
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6271803876878150225
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 18 Sep 2023 00:33:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=6271803876878150225
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame A729 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
SPug
image4.pubmatic.com/AdServer/ Frame A729
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=CDF5C54A-BB13-4947-92D2-11543465E1E7&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lacuCXNE2uUdxc9p3YPf5xMoXrYTvaQ-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lacuCXNE2uUdxc9p3YPf5xMoXrYTvaQ-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-lacuCXNE2uUdxc9p3YPf5xMoXrYTvaQ-~A&gdpr=0
date
Mon, 18 Sep 2023 00:33:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
35c83e99d0d920da83ba3a699723bcde66c95
strangersponge.com/4496af2ceb9b7da/ 		3 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://strangersponge.com/4496af2ceb9b7da/35c83e99d0d920da83ba3a699723bcde66c95
Requested by
Host: teenytinyshirt.com
URL: https://teenytinyshirt.com/v2tyfY4qGZ1PuKktCNpIp9UkAZT9bIEbMZHL8bVUtrAI8KCeg1sbqNXi-0qUYmJJy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.110.181.170 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
170.181.110.34.bc.googleusercontent.com
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Mon, 18 Sep 2023 00:33:26 GMT
via
1.1 google
x-buildnumber
998028631
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.afr.com
x-hostname
fen-hoothoot-europe-west1-w5gn
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
rep.gif
comcluster.cxense.com/Repo/ Frame 57BB 		43 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://comcluster.cxense.com/Repo/rep.gif?ver=2.8.32&typ=pgv&rnd=lmo5kkhfg9e0w4xf&sid=5856171101562569189&loc=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&new=1&arf=0&ltm=1694997205729&ref=&tzo=-120&wsz=1600x1200&res=1600x1200&dpr=1&col=24&bln=en-US&chs=UTF-8&cks=lmo5kmbit46qfum2&ckp=lmo5kkhfsws1g5ow&glb=&amo=1687823490&cp_userState=anon&cst=kptaq02ku0v81gj6c3bylctkp
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/sp1.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0038.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.cxense.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
date
Mon, 18 Sep 2023 00:33:26 GMT
server
Jetty(9.4.28.v20200408)
content-length
43
content-type
image/gif
id
id.cxense.com/public/user/ 		103 B
674 B 		Script
General
Check archive.org
Download Go to
Full URL
https://id.cxense.com/public/user/id?json=%7B%22identities%22%3A%5B%7B%22type%22%3A%22ckp%22%2C%22id%22%3A%22lmo5kkhfsws1g5ow%22%7D%2C%7B%22type%22%3A%22lst%22%2C%22id%22%3A%22kptaq02ku0v81gj6c3bylctkp%22%7D%2C%7B%22type%22%3A%22cst%22%2C%22id%22%3A%22kptaq02ku0v81gj6c3bylctkp%22%7D%5D%2C%22siteId%22%3A%225856171101562569189%22%2C%22location%22%3A%22https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph%22%7D&callback=cXJsonpCB1
Requested by
Host: cdn.cxense.com
URL: https://cdn.cxense.com/cx.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
167.235.124.60 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nue0038.cxense.com
Software
Jetty(9.4.28.v20200408) /
Resource Hash
83e75831b74126414123fe9ed90d420ad5a9efd317573ce65bb2eadb62bd824f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
x-content-type-options
nosniff
server
Jetty(9.4.28.v20200408)
content-type
text/javascript;charset=utf-8
p3p
policyref="http://www.cxense.com/w3c/p3p.xml", CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-store, no-cache, must-revalidate
content-length
103
expires
Mon, 26 Jul 1997 05:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4585
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZQea1FM-epu7ZJhQ4FVnlAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENEdTqjG80k0fGo7SYMtEGQ&google_cver=1
43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENEdTqjG80k0fGo7SYMtEGQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.afr.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F42K346iYa5iKsr8ZkX8sMrxJ6BDo%2BovK7jT04%2B6sopuvpYg6jSA3Ri9xA8uWjbR5ZWdGmgeZQQmqqnEjz9lxloQ9a5NTKk%2Fj5ZFq%2BTNTjVVcnNZ7gPxMdJBWuRHniq%2BOJMyw%2FcbTOXGZw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80857f5c7aa61c3e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESENEdTqjG80k0fGo7SYMtEGQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 4585 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.afr.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dcm
s.amazon-adsystem.com/ Frame 4585
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQea1FM_epu7ZJhQ4FVnlAAACIQAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQea1FM_epu7ZJhQ4FVnlAAACIQAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQea1FM_epu7ZJhQ4FVnlAAACIQAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.afr.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Sep 2023 00:33:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MTJZS3SCM58X74KY7ZP3
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 18 Sep 2023 00:33:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
P01G9KVNX1BW4YPTBNR1
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZQea1FM_epu7ZJhQ4FVnlAAACIQAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 4585
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZQea1FM_epu7ZJhQ4FVnlAAACIQAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPDhwXPiwxzxgDo2ENO4p1U&google_cver=1
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPDhwXPiwxzxgDo2ENO4p1U&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.afr.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yEk8GNYzmm2L21%2BugQDBmBab%2FhUYpgQm7lWdSWxLf5R2LMOJH8zmxR3FF6M1xqTvgR7jbHuWV572tproYzW01faQw07nPbD0yeG5%2FAsKRoMD96MKoy555MOtqTYKWKKSi41ZCi7uRxghWw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80857f5bea671c3e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEPDhwXPiwxzxgDo2ENO4p1U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
user-registering
ads.stickyadstv.com/ Frame 4585 		43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZQea1FM-epu7ZJhQ4FVnlAAA%262180&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.afr.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.89 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-89.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Sep 2023 00:33:26 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1694997206373017-502
Expires
Mon, 18 Sep 2023 00:33:26 GMT
tp_out
d.adroll.com/cm/index/ Frame 4585 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.afr.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.218.56 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-218-56.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.22.1
content-length
42
vary
Cookie
content-type
image/gif
ibs:dpid=23728&dpuuid=ZQea1FM-epu7ZJhQ4FVnlAAA%262180
dpm.demdex.net/ Frame 4585 		42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZQea1FM-epu7ZJhQ4FVnlAAA%262180?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.afr.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.121.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-121-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-04d7ad54c.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
G8gZ3zNwR34=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame 4585
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C2D24AE7E4E444D8A5246B5DBF49D660
43 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C2D24AE7E4E444D8A5246B5DBF49D660
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.afr.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1MozI1V7sllPddGNhhnw1SldnxC7cgLS0VX32wbFZMIHmoEg%2B6HM%2BbI7%2Fs1TmZzl0pG3oUNO4bF7ulPKF392nOdYv%2F25GjAl8hFnKJRYUJCEACpASmaHddo%2Bg4FOya4SDfXcEuN702yrVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
80857f5c1a7d1c3e-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Mon, 18 Sep 2023 00:33:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=C2D24AE7E4E444D8A5246B5DBF49D660
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 17 Sep 2023 00:33:26 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame 4585 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZQea1FM-epu7ZJhQ4FVnlAAA%262180
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.afr.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.18 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
27691
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
80857f5bcf253657-FRA
content-length
43
expires
Tue, 19 Sep 2023 00:33:26 GMT
pixel
cm.g.doubleclick.net/ Frame 4A3C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE1PNUtMOU4tMVMtQUcxSQ==
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDogaxU1RhMozoSL46CC8TY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1PNUtMOU4tMVMtQUcxSQ==&google_push=
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1PNUtMOU4tMVMtQUcxSQ==&google_push=
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1PNUtMOU4tMVMtQUcxSQ==&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
Expires
0
setuid
px.ads.linkedin.com/ Frame 4A3C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMO5KL9N-1S-AG1I
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMO5KL9N-1S-AG1I
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:26 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 78E0AB06C71D4FD3812CFE744A32E4F7 Ref B: FRAEDGE1112 Ref C: 2023-09-18T00:33:26Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYFl0pjthsM8Qcj/A8kTA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LMO5KL9N-1S-AG1I
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 4A3C
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=PL_oWRO0TTOfoP8eyojbxw&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PL_oWRO0TTOfoP8eyojbxw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PL_oWRO0TTOfoP8eyojbxw
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Sep 2023 00:33:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BT9RQTF5HZ0CK4YYDJ32
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=PL_oWRO0TTOfoP8eyojbxw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 4A3C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWEyNmUxMzBiZjBmNzIwZGUxNDM1ZWVmNGVhNGM3OWIzMDQzMmUyNw
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWEyNmUxMzBiZjBmNzIwZGUxNDM1ZWVmNGVhNGM3OWIzMDQzMmUyNw
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZWEyNmUxMzBiZjBmNzIwZGUxNDM1ZWVmNGVhNGM3OWIzMDQzMmUyNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4A3C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGaWzjJbwsJ5l12LOFDoSuM&google_cver=1
42 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGaWzjJbwsJ5l12LOFDoSuM&google_cver=1
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGaWzjJbwsJ5l12LOFDoSuM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 4A3C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=EyOpp4-WRz2wksjF3M402w&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=EyOpp4-WRz2wksjF3M402w
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=EyOpp4-WRz2wksjF3M402w
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Sep 2023 00:33:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
TWHGF0T3HRQK4M3BR5G0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=EyOpp4-WRz2wksjF3M402w
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 4A3C
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/gLP0HVBKQwey-YgDCmDKlMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-56jFFDdE2oJNdYIMcIW01BQ6ZX0O8JY3w1WYBQ--~A
42 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-56jFFDdE2oJNdYIMcIW01BQ6ZX0O8JY3w1WYBQ--~A
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
402fba8a82f093def2459220061c8d31
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 18 Sep 2023 00:33:26 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-56jFFDdE2oJNdYIMcIW01BQ6ZX0O8JY3w1WYBQ--~A
content-length
0
rubicon
match.adsrvr.org/track/cmf/ Frame 4A3C 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 18 Sep 2023 00:33:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
adc.nine.com.au/ Frame AAEB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://adc.nine.com.au?appNexusUid=$UID
  • https://adc.nine.com.au/?appNexusUid=8386155878032714811
89 B
451 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adc.nine.com.au/?appNexusUid=8386155878032714811
Requested by
Host: adc-js.nine.com.au
URL: https://adc-js.nine.com.au/adc.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.55.162.157 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-55-162-157.ap-southeast-2.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
f55bd8206cc79207d7c5408949d9a425231382ada8b988dbbb3e5fa8cf490dc9
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, private
content-length
89
content-type
application/json; charset=utf-8
date
Mon, 18 Sep 2023 00:33:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server
awselb/2.0
strict-transport-security
max-age=2592000

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
5822c1f9-6793-4c06-a65d-972e86683401
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 18 Sep 2023 00:33:26 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://adc.nine.com.au?appNexusUid=8386155878032714811
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.23.4
x-proxy-origin
176.115.236.197; 176.115.236.197; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
x-xss-protection
0
/
zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com/SIE/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_1zw3m3dlvZEzjE2
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7d55591ace4f2ac460bd2d93ba3a2a48261afdba8a3f55a662fefc81dda8b24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
176780
cf-polished
origSize=9150
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
etag
W/"23be-ivWBSdBZIPi7GdXn0mwtZfK/7Rg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
80857f60feb78fd4-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
dest5.html
nd.demdex.net/ Frame 5784 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nd.demdex.net/dest5.html?d_nsid=0
Requested by
Host: www.afr.com
URL: https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.33.121.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-121-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v050-04aec769b.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
UINqfQQJQUg=
content-encoding
gzip
date
Mon, 18 Sep 2023 00:33:27 GMT
last-modified
Wed, 28 Jun 2023 12:57:54 GMT
transfer-encoding
chunked
vary
accept-encoding
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309120101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
4503a96761d75df071ba372631042502bf297ad7eea734dcb9dd36e82b32ee8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12115
x-xss-protection
0
sync
ups.analytics.yahoo.com/ups/28/ Frame 5784
Redirect Chain
  • https://pixel.advertising.com/ups/28/sync?uid=41744988649025680772310364721195617473&_origin=1&redir=true
  • https://ups.analytics.yahoo.com/ups/28/sync?uid=41744988649025680772310364721195617473&_origin=1&redir=true
0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/28/sync?uid=41744988649025680772310364721195617473&_origin=1&redir=true
Protocol
H2
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nd.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/28/sync?uid=41744988649025680772310364721195617473&_origin=1&redir=true
date
Mon, 18 Sep 2023 00:33:27 GMT
cache-control
no-store
content-type
text/html
server
ATS/9.1.10.75
content-length
389
content-language
en
12.f0510cc63da0d227c0b7.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ 		69 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/dxjsmodule/12.f0510cc63da0d227c0b7.chunk.js?Q_CLIENTVERSION=1.99.0&Q_CLIENTTYPE=web&Q_BRANDID=www.afr.com
Requested by
Host: zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com
URL: https://zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_1zw3m3dlvZEzjE2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f3d6cd99bd2d627dcf124c8c449a70556f01f1ca12bcc67ea59d6c37e2f0add
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
434458
cf-polished
origSize=71568
edge-control
max-age=604800
referrer-policy
strict-origin-when-cross-origin
last-modified
Mon, 11 Sep 2023 17:12:04 GMT
cf-bgj
minify
server
cloudflare
etag
W/"11790-18a853a96a0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=604800, s-maxage=604800
permissions-policy
camera=(), geolocation=(), microphone=()
cf-ray
80857f613ed48fd4-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
timing-allow-origin
*
ibs:dpid=19566&dpuuid=CDF5C54A-BB13-4947-92D2-11543465E1E7
dpm.demdex.net/ Frame 5784
Redirect Chain
  • https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
  • https://dpm.demdex.net/ibs:dpid=19566&dpuuid=CDF5C54A-BB13-4947-92D2-11543465E1E7
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=CDF5C54A-BB13-4947-92D2-11543465E1E7
Protocol
HTTP/1.1
Server
34.253.121.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-121-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nd.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-0f8dcfc1c.edge-irl1.demdex.com 1 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/SsEBgs8Qd8=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:27 GMT
server
nginx
etag
"60b842b3-cde"
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
location
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=CDF5C54A-BB13-4947-92D2-11543465E1E7
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
expires
Mon, 18 Sep 2023 00:33:27 GMT
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_1zw3m3dlvZEzjE2&Q_CLIENTVERSION=1.99.0&Q_CLIENTTYPE=web
Requested by
Host: siteintercept.qualtrics.com
URL: https://siteintercept.qualtrics.com/dxjsmodule/12.f0510cc63da0d227c0b7.chunk.js?Q_CLIENTVERSION=1.99.0&Q_CLIENTTYPE=web&Q_BRANDID=www.afr.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.209.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a80127d7982c6066077f88f7fb21e31e8823fd0fd792133e7c78901f3e7c6500
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Mon, 18 Sep 2023 00:33:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
content-security-policy-report-only
frame-ancestors 'self' *.qualtrics.com *.my.salesforce.com *.visualforce.com *.visual.force.com *.lightning.force.com; report-uri https://sjc1.qualtrics.com/csp-report
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.afr.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
permissions-policy
camera=(), geolocation=(), microphone=()
trace-id
ecba7ef187729c24
cf-ray
80857f617ee38fd4-FRA
timing-allow-origin
*
ibs:dpid=72352&dpuuid=2767998857146342851947&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 5784
Redirect Chain
  • https://dmpsync.3lift.com/getuid?redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D$UID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
  • https://dmpsync.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D72352%26dpuuid%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://dpm.demdex.net/ibs:dpid=72352&dpuuid=2767998857146342851947&gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=2767998857146342851947&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
34.253.121.178 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-121-178.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nd.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-0fb6a4853.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
qr7np0kCS5c=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=72352&dpuuid=2767998857146342851947&gdpr=0&gdpr_consent=
date
Mon, 18 Sep 2023 00:33:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
gn
secure-dcr.imrworldwide.com/cgi-bin/ 		44 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-dcr.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-302812&ch=au-302812_b25_afr.com-brand%20only_S&asn=afr.com-brand%20only&fp_id=m2xk7ctvjytujodq5nxcbchvze9xl1694997204&fp_cr_tm=1694997204558&fp_acc_tm=1694997204558&fp_emm_tm=1694997204558&ve_id=&sessionId=ramqgrikhxntouhb6dnnciyrg9ltu1694997204&prv=1&c6=vc,b25&ca=NA&c13=asid,P70F2B436-31E2-4369-A3CB-294DC350A880&c32=segA,NA&c33=segB,NA&c34=segC,NA&c15=apn,afr&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,rwqhuf20eclosqgz1y5o5yc83asdw1694997204&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16949972045557203&c30=bldv,6.0.0.673&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=p5djph&c3=st,c&c64=starttm,1694997206&adid=p5djph&c58=isLive,false&c59=sesid,&c61=createtm,1694997206&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&c66=mediaurl,&sdd=&c62=sendTime,1694997206&rnd=862035
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.4.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-4-25.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:27 GMT
server
nginx
accept-ch
Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-dcr.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
content-length
44
expires
Thu, 01 Dec 1994 16:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 5784
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=adobe&id=41744988649025680772310364721195617473
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=41744988649025680772310364721195617473
0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=41744988649025680772310364721195617473
Protocol
H2
Server
18.203.183.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-183-215.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nd.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-served-by
beacon-n023-dub-prod.krxd.net
date
Mon, 18 Sep 2023 00:33:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=33 t=1694997207
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=41744988649025680772310364721195617473
date
Mon, 18 Sep 2023 00:33:27 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a016-ash-prod.krxd.net
async_usersync
ib.adnxs.com/ Frame 87F3 		0
598 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:27 GMT
an-x-request-uuid
d78de6e9-b8a5-4e0a-a7a7-ea49054ca9c6
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
176.115.236.197; 176.115.236.197; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
u
dmp.v.fwmrm.net/ad/ Frame 5784 		0
460 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D796%26dpuuid%3D%23%7Buser.id%7D%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.144.50.131 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-144-50-131.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://nd.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 18 Sep 2023 00:33:28 GMT
X-Fw-Request-Id
umo14a8_1694997208831786452
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 18 Sep 2023 00:33:27 GMT
gaAccount
buy-au.piano.io/api/v3/anon/assets/ 		52 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://buy-au.piano.io/api/v3/anon/assets/gaAccount?aid=lrJ8j3qepa
Requested by
Host: cdn.tinypass.com
URL: https://cdn.tinypass.com/api/tinypass.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.194.118 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7d61d1af5acb6c837ba89d4b175974d0010c8a25a9056710aa4f2c6e8b93063
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains

Request headers

Accept
application/json
Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Mon, 18 Sep 2023 00:33:28 GMT
strict-transport-security
max-age=86400; includeSubDomains
content-encoding
br
cf-cache-status
DYNAMIC
wn
prod-au-dash-10-1-4-196
server
cloudflare
p3p
CP="NON DSP COR OUR IND"
access-control-allow-origin
*
server-time
0.008
content-type
application/json
cache-control
public, max-age=86400, s-maxage=86400
x-forwarded-https
on
cf-ray
80857f650c8e4daa-FRA
alt-svc
h3=":443"; ma=86400
x-request-id
Kr7o51smjs4
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8973 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
19463
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 17 Sep 2023 19:09:04 GMT
expires
Mon, 16 Sep 2024 19:09:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9C16 		829 B
980 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
75ccc7edd01b4b7d7c464ad18ef3232c88e87877c2a3018e3113bc3c8b3640df
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LZCmwHwOS8MmG6uvSZKKwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.afr.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-LZCmwHwOS8MmG6uvSZKKwA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 18 Sep 2023 00:33:27 GMT
expires
Mon, 18 Sep 2023 00:33:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
/
www.facebook.com/tr/ 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1831268437115893&ev=Paywall&dl=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&rl=&if=false&ts=1694997207925&cd[eventCategory]=piano&cd[evenAction]=activation&cd[eventLabel]=%23paywall-prompt-article-piano-id&cd[user.status]=visitor&cd[brand]=afr&cd[page.viewId]=EA3AA8E7-27E4-4306-BE36-EDC717AC9817&cd[page.type]=Article&cd[section.primaryCategory]=companies&cd[section.subCategory]=financialservices&cd[page.renderedPlatform]=WEB&cd[client.deviceType]=desktop&cd[Container%20ID]=GTM-NN4PPKH&cd[page.name]=APRA%20hits%20Medibank%20with%20250m%20punishment%20for%20breach&cd[page.primaryTag]=Cybersecurity%20(Editorial%20use)&cd[page.author]=Lucas%20Baird&cd[page.fullPageLoad]=true&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.62%20Safari%2F537.36&sw=1600&sh=1200&v=2.9.127&r=stable&ec=2&o=29&fbp=fb.1.1694997204232.1054567858&it=1694997204065&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 18 Sep 2023 00:33:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
31 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=953970877989909&ev=Paywall&dl=https%3A%2F%2Fwww.afr.com%2Fcompanies%2Ffinancial-services%2Fapra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph&rl=&if=false&ts=1694997207926&cd[eventCategory]=piano&cd[evenAction]=activation&cd[eventLabel]=%23paywall-prompt-article-piano-id&cd[user.status]=visitor&cd[brand]=afr&cd[page.viewId]=EA3AA8E7-27E4-4306-BE36-EDC717AC9817&cd[page.type]=Article&cd[section.primaryCategory]=companies&cd[section.subCategory]=financialservices&cd[page.renderedPlatform]=WEB&cd[client.deviceType]=desktop&cd[Container%20ID]=GTM-NN4PPKH&cd[page.name]=APRA%20hits%20Medibank%20with%20250m%20punishment%20for%20breach&cd[page.primaryTag]=Cybersecurity%20(Editorial%20use)&cd[page.author]=Lucas%20Baird&cd[page.fullPageLoad]=true&cd[userAgent]=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F117.0.5938.62%20Safari%2F537.36&sw=1600&sh=1200&v=2.9.127&r=stable&ec=2&o=29&fbp=fb.1.1694997204232.1054567858&it=1694997204065&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.201.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-01-ams4.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Mon, 18 Sep 2023 00:33:27 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
pagead2.googlesyndication.com/bg/ Frame 8973 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/D38i8ocviMyns63bFlxz04547CGgVcdJsS8VZS_5djY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Sun, 17 Sep 2023 22:32:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
7241
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14739
x-xss-protection
0
last-modified
Mon, 11 Sep 2023 20:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 16 Sep 2024 22:32:47 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9C16 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309120101&jk=2291029211604058&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers
wl
t.pubmatic.com/ 		17 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.pubmatic.com/wl?pubid=158309
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158309/3891/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.82 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

Referer
https://www.afr.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:28 GMT
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.afr.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
17
expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame A729 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=158309&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:27 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
generate_204
tpc.googlesyndication.com/ Frame 8973 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?D4tBpQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309120101&jk=2291029211604058&bg=!9_Sl9LvNAAbP3fMH7907ADQBe5WfOOYeYP3a1rmqe4TVpCDeeMmQH3BK10RSgaQGgGHL29A-E3rxJGZKEvZE1mPLVMRUAgAAAF9SAAAABmgBB5kC9bIh07BNb4AV7Og2zb1ZBMYIDBVjx6P0tNixueg3PH0WvRie6hKO3t4Qa_B9ebBvm9IyHjEHy6VEXAE95oKTXv6bicnfqk-CQmllxWKzPdStDQ1iNLU29tOzcKKN36k8pBTR3qvhBiAFXEdORlf-OM-_vgfsnNeT27fXwcMeJ_Ba7jQKZ1Srgy6IBfBWx759T3QOc_4rmDTpsYbQ7chIIAf2xpoarUvgBnXOxUxzqeUqVwgF8NfNjDaJv8nKZlewm7OIZ_qwDHAoGb4ht1XvICkEEtr6N5AbTOmV0lwk3Rbo-8QtwHv_FOThzgjUORyzkHGDi9KNRgDmkJthbEILW5dBn9p1ZUT9rtoqNcgxGk2s5oAIoIk8JNmN8BMW48wa-tbaEMamz_DauXxiqvwKcIlItdq-IdkcPH3fWzfllLySH9f55_XTyPeoIZ8Y225Y0Yy_nyzvOY42bLcDE5Ts_HdyPZTvuJa8A4Cyk1MFoEhkoTIXQ8aAhOyCUz1KVoDTcbSW82-JEOLuH1ngBhzHUY1YeI-RSlt5okNeyt0geQMv9SPWV6ofda8pDEQowjBsvvc3Q0Bgel3tYyRM6h6nDTq-UDGJ7J2Vf6D1NjZfUnYU8YmRM59IvxJ6HkSmrMEp2do7TCuEHwjXOWAD-tyiEm00Rls9v7hqcvWZgNTy4UEuPF_ulJfG8zAqP4V1z747QBcdY8-70RW7abGuMCrtLPVEcUJXzwmt8F46n2N9AWAtvrWjZUAm3L1cLWBXF4sP6Rgo8gAR3U0LgY4KDKGJ94F4jFlrZ21QQI1ZulwDgOPolSl2q9SQ6GmRXIWfgPqPQ0SGdqO3kR7uFXYtKRB4NtkcWhRJcCz7bo_IcBivjDM9YoKW2jNAO1gpBTg6PbYbdwZkrVGaTxvnPt3CBJyc26ehjJZUc1TLAOV_QydMgKBNR2fO-eDjhHBU8NrpQMBuotHgmQ4IunuK_Vhs0fBjmUMgp-qq_pf2dI551-kqXEtNqwUaVtw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.afr.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame A729 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=81654077&p=158309&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
3c760a606353760014d08b3793254496cdc452f3b73a44e7ba370df1880abf73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 18 Sep 2023 00:33:27 GMT
content-length
1855
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame B47A 		35 B
600 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=CDF5C54A-BB13-4947-92D2-11543465E1E7&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.30 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 18 Sep 2023 00:33:29 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame D41B
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7279957579472828575&gdpr=0&gdpr_consent=
42 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7279957579472828575&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 18 Sep 2023 00:33:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 18 Sep 2023 00:33:29 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7279957579472828575&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 74AC
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=R6TbO2zbXx9XRAzvoIhtuLBz7MU&gdpr=0&gdpr_consent=
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=R6TbO2zbXx9XRAzvoIhtuLBz7MU&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 18 Sep 2023 00:33:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 18 Sep 2023 00:33:29 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=R6TbO2zbXx9XRAzvoIhtuLBz7MU&gdpr=0&gdpr_consent=
bridge
cm.adgrx.com/ Frame 50C3 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.245.181 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 18 Sep 2023 00:33:29 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-8
Pug
image2.pubmatic.com/AdServer/ Frame 2242
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHOXlFN0tEellBQUNhUWhRQ3RDUQ&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAG9yE7KDzYAACaQhQCtCQ&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=4502263201551589807&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAG9yE7KDzYAACaQhQCtCQ&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D4502263201551589807%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=4502263201551589807&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAG9yE7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAG9yE7KDzYAACaQhQCtCQ&gdpr=0&gdpr_consent=
42 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAG9yE7KDzYAACaQhQCtCQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 18 Sep 2023 00:33:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 18 Sep 2023 00:33:29 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAG9yE7KDzYAACaQhQCtCQ&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 6770
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=158309
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 18 Sep 2023 00:33:28 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 18 Sep 2023 00:33:29 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
mw
mwzeom.zeotap.com/ Frame A729 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=CDF5C54A-BB13-4947-92D2-11543465E1E7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:29 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
80857f7059ec6967-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame A729
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=CDF5C54A-BB13-4947-92D2-11543465E1E7&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CDF5C54A-BB13-4947-92D2-11543465E1E7&sInitiator=external&gdpr=0&gdpr_consent=
42 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=CDF5C54A-BB13-4947-92D2-11543465E1E7&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:39 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:39 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=CDF5C54A-BB13-4947-92D2-11543465E1E7&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame A729
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=CDF5C54A-BB13-4947-92D2-11543465E1E7&gdpr=0&gdpr_consent=
  • https://spl.zeotap.com/?zdid=1332&zcluid=b6ab99630b730c59
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2566843b-0762-4583-7976-d44100bd95a9&reqId=f6cc24f9-aa8f-4fde-7435-3a0c1dce3349&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEFejQA_paZXeqbQaMYbcH0E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2566843b-0762-4583-7976-d44100bd95a9&reqId=f6cc24f9-aa8f-4fde-7435-3a0...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEFejQA_paZXeqbQaMYbcH0E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2566843b-0762-4583-7976-d44100bd95a9&reqId=f6cc24f9-aa8f-4fde-7435-3a0c1dce3349&zcluid=b6ab99630b730c59&zdid=1332
Protocol
H2
Server
104.22.25.87 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:29 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
80857f70ba0e6967-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEFejQA_paZXeqbQaMYbcH0E&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=2566843b-0762-4583-7976-d44100bd95a9&reqId=f6cc24f9-aa8f-4fde-7435-3a0c1dce3349&zcluid=b6ab99630b730c59&zdid=1332
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
CDF5C54A-BB13-4947-92D2-11543465E1E7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame A729 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/CDF5C54A-BB13-4947-92D2-11543465E1E7?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.246.166.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-246-166-234.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date
Mon, 18 Sep 2023 00:33:29 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame A729
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8d425a76-d1c4-476e-b962-ec93a2e8c69f&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8d425a76-d1c4-476e-b962-ec93a2e8c69f&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 18 Sep 2023 00:33:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=8d425a76-d1c4-476e-b962-ec93a2e8c69f&gdpr=0&gdpr_consent=&gdpr_pd=
date
Mon, 18 Sep 2023 00:33:29 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame A729 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
ddos.com
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 18 Sep 2023 00:33:28 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame A729
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=CDF5C54A-BB13-4947-92D2-11543465E1E7&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=7be5fc9b137c1669&is_secure=true&networkId=17100&version=1&nuid=CDF5C54A-BB13-4947-92D2-11543465E1E7&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH9jeurEIDAAMj2Sh2AAAAAAA&expiration=1695083609&nuid=CDF5C54A-BB13-4947-92D2-11543465E1E7&...
42 B
294 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH9jeurEIDAAMj2Sh2AAAAAAA&expiration=1695083609&nuid=CDF5C54A-BB13-4947-92D2-11543465E1E7&is_secure=true&gdpr_consent=&gdpr=0
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 18 Sep 2023 00:33:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 18 Sep 2023 00:33:29 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAH9jeurEIDAAMj2Sh2AAAAAAA&expiration=1695083609&nuid=CDF5C54A-BB13-4947-92D2-11543465E1E7&is_secure=true&gdpr_consent=&gdpr=0
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame A729
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4608482896472353189&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4608482896472353189&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 18 Sep 2023 00:33:29 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4608482896472353189&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 18 Sep 2023 00:33:28 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Verdicts & Comments Add Verdict or Comment

267 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| documentPictureInPicture function| swapAdsToLazy object| dataLayer object| tp object| GlobalSnowplowNamespace function| snowplow object| __LOADABLE_LOADED_CHUNKS__ object| regeneratorRuntime object| scCGSHMRCache boolean| APP_MOUNTED object| dataLayerHybrid object| Snowplow function| _typeof boolean| pnFullTPVersion number| pnInitPerformance boolean| pnHasPolyfilled object| pn string| __tpVersion object| SWG object| googletag function| ___tp object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| _sf_async_config object| _cbq function| rdt object| GooglebQhCsO string| _linkedin_data_partner_id string| visibilityEvent boolean| hiddenState function| visibilityChanged function| pageviewIdGen string| pageviewIDjs function| fbq function| _fbq function| hj object| _hjSettings object| _linkedin_data_partner_ids object| titan undefined| tempRequestAd undefined| tempRequestConditionalAd undefined| tempRequestLazyAd object| dotq string| _linkedin_partner_id function| lintrk string| axel number| a function| eight string| section object| pixel function| pdst function| twq function| onYouTubeIframeAPIReady string| _bizo_data_partner_id function| retry function| isIE10OrLater function| detectPrivateMode object| ffx_analytics_nielsen object| adcelem function| callEuropa object| EUROPA function| Europa object| europa object| nineDM object| dm function| setImmediate function| clearImmediate object| __svelte object| BeyondWords object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| snowplowData string| GoogleAnalyticsObject function| ga function| Visitor function| AppMeasurement_Module_AudienceManagement function| DIL object| s_c_il number| s_c_in object| nineFfxDil object| PARSELY object| twttr object| gaGlobal object| SUBSCRIPTIONS object| globalSubscriptions object| ADKIT function| Adkit object| apstag object| adkit object| moatPrebidApi object| PWT object| gs_channels function| admiral object| configArgs number| pixelRatio number| width number| height object| screenSize object| labels object| YAHOO object| _cb_shared object| Evergage string| VE_CUSTOM_EVENT_NAME string| TO_LAUNCHER_MESSAGE_TYPE string| TO_LAUNCHER_PAYLOAD_TYPE object| eventLinkId object| evgr function| debugLog function| debugTable function| MetaHelper object| StatType function| StatsHelper function| justDebounceIt object| CustomEvents function| EventHelper object| ItemAction function| EnhancedCommerceHelper function| SessionHelper function| ISGTMHelper object| isWindow object| helper function| sendMessageToEvergageLauncher function| _iterableToArrayLimit function| _classCallCheck function| _defineProperties function| _createClass function| _defineProperty function| _slicedToArray function| _arrayWithHoles function| _unsupportedIterableToArray function| _arrayLikeToArray function| _nonIterableRest function| _toPrimitive function| _toPropertyKey function| shouldInit function| setDeveloperOptions function| enableDebugTools function| enableProductionTesting function| handleDevQueryString function| shouldInitRule function| matchesPath function| debounce function| handleEvent number| evergageBeaconParseTimeStart object| SalesforceInteractions number| evergageBeaconParseTimeEnd function| render object| _is object| process object| pSUPERFLY_mab object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv object| NOLCMB number| _nolggSDKPhotoNo number| _nolggSDKPageNo object| _nolggSDKGlobalParams object| _nolggSDKMetaData object| nSdkInstance boolean| _already_called_lintrk function| NolTracker function| nol_t function| logger undefined| _rsCC undefined| _rsCG undefined| _rsDN undefined| v52v53_pvar undefined| v52v53_trac undefined| _rsEvent undefined| _rsLinkTrack undefined| _rsClick object| V60 object| NOLBUNDLE object| trac string| localstorageframe boolean| DotMetricsInitScript object| _aps boolean| apstagLOADED object| apscustom undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| isDomless undefined| documentReferrer undefined| isBeta undefined| viewHash undefined| tagType undefined| pxSrc undefined| moat_px object| Moat#G26 object| MoatSuperV26 object| MoatNadoAllJsonpRequest_74071818 object| Moat#PML#26#1.2 boolean| Moat#EVA function| __moatSlotTagLoadedfairfaxheader492510264302 object| DotMetricsSettings object| gaplugins object| gaData object| _etmc object| _etmc_temp string| func_name object| args string| collect_url object| owpbjsChunk object| owpbjs object| _pbjsGlobals object| ucTag object| OWT object| ggeac object| google_js_reporting_queue object| _cbm object| __bt_tag_d object| __bt_tag_am object| __bt_intrnl object| __bt object| ns object| paramsPassed object| stateObject object| errorState string| BUILDVERSION object| stateEvents undefined| google_measure_js_timing function| moatYieldReady object| PianoESPConfig object| cX function| 4dm1r11545242527 object| msgData function| cxCCE_callQueueExecute object| cxTest object| DotmetricsJSON object| DotMetricsObj object| ari number| google_unique_id undefined| cXJsonpCB1 object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.99.0 object| _qsie object| GoogleGcLKhOms object| google_image_requests

142 Cookies

Domain/Path Name / Value
.afr.com/ Name: _sp_ses.0af9
Value: *
.afr.com/ Name: _gcl_au
Value: 1.1.120844633.1694997203
www.afr.com/ Name: _bsMode
Value: true
www.afr.com/ Name: __pdst
Value: 5ece40f068154e4d8c52052b92e6a2bc
.afr.com/ Name: _ga_7P81FZJZ1C
Value: GS1.1.1694997203.1.0.1694997203.60.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUkCe3vW4RtH28160FL1EITVp1xeRXSVd8o5smQbJYsVYP2QR6E5csB-iIFrGXc
.demdex.net/ Name: demdex
Value: 41588886913637585192326544452486444539
.afr.com/ Name: AMCVS_BEB5C8A15492DB600A4C98BC%40AdobeOrg
Value: 1
.afr.com/ Name: AMCV_BEB5C8A15492DB600A4C98BC%40AdobeOrg
Value: -1176276602%7CMCIDTS%7C19619%7CMCMID%7C41716848711419526542313180776473426114%7CMCAAMLH-1695602003%7C6%7CMCAAMB-1695602003%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1695004403s%7CNONE%7CMCAID%7CNONE
.afr.com/ Name: aam_uuid
Value: 41744988649025680772310364721195617473
.afr.com/ Name: _rdt_uuid
Value: 1694997204022.0d62b62a-13a2-4df2-a53e-77c6f003e2b3
.www.afr.com/ Name: _evga_a397
Value: {%22uuid%22:%224ba56d3f3def5a6d%22}
.afr.com/ Name: _cb
Value: BOruJYDB5vhZDFlvXK
.afr.com/ Name: _chartbeat2
Value: .1694997204074.1694997204074.1.CAxGwxCRhQi3BVnEI-BzyaKEsuDLM.1
.afr.com/ Name: _cb_svref
Value: null
.afr.com/ Name: _hjSessionUser_182799
Value: eyJpZCI6IjAxZGZiNTgwLTBmOTUtNWMxNi05OGI4LTBkOTQyOGM0MGE4MSIsImNyZWF0ZWQiOjE2OTQ5OTcyMDQxMjgsImV4aXN0aW5nIjpmYWxzZX0=
.afr.com/ Name: _hjFirstSeen
Value: 1
.afr.com/ Name: _hjIncludedInSessionSample_182799
Value: 1
.afr.com/ Name: _hjSession_182799
Value: eyJpZCI6ImEwODU1Y2U3LTgwY2YtNDY5Zi1hZDc5LTk3M2IzZTdiYjIzYSIsImNyZWF0ZWQiOjE2OTQ5OTcyMDQxMjksImluU2FtcGxlIjp0cnVlfQ==
.afr.com/ Name: _hjAbsoluteSessionInProgress
Value: 0
.afr.com/ Name: _pctx
Value: %7Bu%7DN4IgrgzgpgThIC4B2YA2qA05owMoBcBDfSREQpAeyRCwgEt8oBJAEzIFYAODgNgEYA7P34AGfnwBMfAJz8uMkAF8gA
.afr.com/ Name: _pcid
Value: %7B%22browserId%22%3A%22lmo5kkhfsws1g5ow%22%7D
.afr.com/ Name: _pcus
Value: eyJ1c2VyU2VnbWVudHMiOm51bGx9
.t.co/ Name: muc_ads
Value: 0ab3ac70-4ba4-4505-a9a1-f6e55628a226
.afr.com/ Name: _fbp
Value: fb.1.1694997204232.1054567858
.adnxs.com/ Name: uuid2
Value: 8386155878032714811
.twitter.com/ Name: guest_id_marketing
Value: v1%3A169499720425321433
.twitter.com/ Name: guest_id_ads
Value: v1%3A169499720425321433
.twitter.com/ Name: personalization_id
Value: "v1_aHsDcT2/CImD2gchpaZC1Q=="
.twitter.com/ Name: guest_id
Value: v1%3A169499720425321433
.rubiconproject.com/ Name: khaos
Value: LMO5KL9N-1S-AG1I
.afr.com/ Name: _ga
Value: GA1.2.121274767.1694997204
.afr.com/ Name: _gid
Value: GA1.2.1638449254.1694997204
.afr.com/ Name: _gat_ffxTracker
Value: 1
.afr.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.afr.com/companies/financial-services/apra-hits-medibank-with-250m-punishment-for-breach-20230627-p5djph%22%2C%22sref%22:%22%22%2C%22sts%22:1694997204487%2C%22slts%22:0}
.afr.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=0c6fc75051d5fab95f2d12a695b8fd2f%22%2C%22session_count%22:1%2C%22last_session_ts%22:1694997204487}
.dpm.demdex.net/ Name: dpm
Value: 41588886913637585192326544452486444539
.dotmetrics.net/ Name: DotMetrics.DeviceKey
Value: DeviceID=
.dotmetrics.net/ Name: DotMetrics.UniqueUserIdentityCookie
Value: UserID=2cca1b7f-4e1f-4bee-b5ec-34c5c89532c7&Created=09/18/2023 00:33:24&UserMode=0&guid=e56849b1-0c91-4a5f-9df1-666643eac50c&ver=1
.afr.com/ Name: nol_fpid
Value: m2xk7ctvjytujodq5nxcbchvze9xl1694997204|1694997204558|1694997204558|1694997204558
www.afr.com/ Name: ln_or
Value: eyIzNTE5OTE0LDk3MjQiOiJkIn0%3D
.yahoo.com/ Name: A3
Value: d=AQABBNSaB2UCEGlczX_M4-K9BxhvJpDp_1UFEgEBAQHsCGURZdwu0iMA_eMAAA&S=AQAAAtwuixCCi_zKDvfYeVtzkvY
.imrworldwide.com/ Name: IMRID
Value: fa4a85d0-55ba-11ee-aaf3-85a103bd7f1f
.igodigital.com/ Name: igodigitaltc2
Value: fa4110fe-55ba-11ee-8679-d6a83b0e84b5
.igodigital.com/ Name: igodigitalst_10510523
Value: fa411702-55ba-11ee-8679-d6a83b0e84b5
.igodigital.com/ Name: igodigitalstdomain
Value: 6484
.piano.io/ Name: __cf_bm
Value: wNIh60qEqI7bvPxEe_3yf.UYVPAueK2BgvIeZOQXGq8-1694997204-0-Ac/dGvzF9dWHCa2pXb2JXQPyrDBhq8f/QhczdLvjSSPxREDPlBkFM/whqcRTkY9E5u2qPJDVWEtRTCsI+bGXNCs=
.afr.com/ Name: __tbc
Value: %7Bkpex%7Dph-axTw_QsDKi2wxATp9vXLmZkJBrlrvdPYrx4nGH9VAwoBcSKakasWzpTh4lK0M
.afr.com/ Name: __pat
Value: 36000000
.afr.com/ Name: __pvi
Value: eyJpZCI6InYtMjAyMy0wOS0xOC0wMi0zMy0yMy0zODYtUDJZc3RYRDFhalJuWmhNRS1lN2EzZmExOTZjZmNiY2E3YTc2MmIzNzJhMjZmZjg4YyIsImRvbWFpbiI6Ii5hZnIuY29tIiwidGltZSI6MTY5NDk5NzIwNDgwOH0%3D
.afr.com/ Name: xbc
Value: %7Bkpex%7DAytY81uC0PHyQivoCow_eSh6-I1mGYwEzlPruIbQjA0QLUtzVAa7Pi9mROG5fr73HX_6l4aS2ZXs3ZOQL-ozOQ8gH_4xa-sTf_y4es9oNPqbm-eEW7keFVhWewCQqWFOnClOzJRZOpZXfob7h-_19w
.eyeota.net/ Name: SERVERID
Value: 19776~DM
.turn.com/ Name: uid
Value: 4608482896472353189
.adnxs.com/ Name: icu
Value: ChgIpfZ3EAoYASABKAEw1LWeqAY4AUABSAEQ1LWeqAYYAA..
.casalemedia.com/ Name: CMID
Value: ZQea1FM-epu7ZJhQ4FVnlAAA
.casalemedia.com/ Name: CMPS
Value: 2180
.casalemedia.com/ Name: CMPRO
Value: 2180
.afr.com/ Name: _sp_id.0af9
Value: 274d6b34-40cf-44f6-a356-ea9eea1a0a46.1694997203.1.1694997205.1694997203.8281d869-3e07-4eaa-94b4-eefeaf2a6c12
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZQea1AALbjnM9gBT
.linkedin.com/ Name: li_sugr
Value: b0f1be52-5303-4699-8fc7-f88e14a121a3
.linkedin.com/ Name: bcookie
Value: "v=2&998ebe59-a613-427c-88a9-5b9965a50592"
.linkedin.com/ Name: lidc
Value: "b=VGST05:s=V:r=V:a=V:p=V:g=2849:u=1:x=1:i=1694997204:t=1695083604:v=2:sig=AQFU6bAtKPeHtbhpS7XYiuuqyCjfUzdY"
.linkedin.com/ Name: UserMatchHistory
Value: AQJdkUmB3QgApwAAAYqltNB4J7yIbvHMFVNesB521cnwZ5LlAhnGNLPnvOv89Ooxyz0TFMAkP_MKag
.linkedin.com/ Name: AnalyticsSyncHistory
Value: AQJ6TFNzHNYDGQAAAYqltNB4EtVOaiZXE_Y3N8Lo-TCyftrIPfcO8LXG1gOZ-Kfm6CXJRNgt8PKGwdXwaQH4kg
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230918003325afc27745-de1b-45f4-8c9e-485d51e83081AQGRSYppF5sPkzdapPlVGqkqGqOk7ybc"
ads.playground.xyz/ Name: connect.sid
Value: s%3AAyRm5HMsxtYujs3f2k2TWsAxkF_OcBMj.2dqXaoESEfHbKlVGWacANOOG3E1Ct1M976UpwqWNTAE
www.afr.com/ Name: DM_SitId1503
Value: 1
www.afr.com/ Name: DM_SitId1503SecId12879
Value: 1
.afr.com/ Name: cX_P
Value: lmo5kkhfsws1g5ow
.www.afr.com/ Name: _sfid_ef23
Value: {%22anonymousId%22:%224ba56d3f3def5a6d%22%2C%22consents%22:[]}
.pubmatic.com/ Name: KADUSERCOOKIE
Value: CDF5C54A-BB13-4947-92D2-11543465E1E7
au-script.dotmetrics.net/ Name: AWSALBCORS
Value: IomgCWSXQsMsY8w1SI2hAX2gdHAApE+h9toHU7U8F04l41ElukVHRtjH3LX2VID0Xz4zMHh8X8BsW+NuFldkFo43vpw/77ycV+qi88i4mMouBg1gVsCqzyGJxuq2
.afr.com/ Name: _awl
Value: 2.1694997206.5-9d230164374276132528dd65752dc763-6763652d6575726f70652d7765737431-0
www.afr.com/ Name: admiral-unblocked
Value: false
.analytics.yahoo.com/ Name: IDSYNC
Value: "19cu~2dzc:18z8~2dzc"
.weborama.fr/ Name: AFFICHE_W
Value: v0YBIH7E5Qq-65
.cxense.com/ Name: gckp
Value: pvdn2t1pcf9mvn92igt88qie
.afr.com/ Name: cX_G
Value: cx%3A3w00s4whlapd53th9tbhusgyob%3A19s00wlos45ds
.simpli.fi/ Name: suid
Value: C2D24AE7E4E444D8A5246B5DBF49D660
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-8386155878032714811&KRTB&23339-8386155878032714811
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESENnNfKE0Og8N1k2f64dNqsg&KRTB&23025-CAESENnNfKE0Og8N1k2f64dNqsg&KRTB&23386-CAESENnNfKE0Og8N1k2f64dNqsg
.adform.net/ Name: uid
Value: 6271803876878150225
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-6271803876878150225&KRTB&23263-6271803876878150225&KRTB&23481-6271803876878150225
.quantserve.com/ Name: d
Value: EJQBCwH9KfijAA
.quantserve.com/ Name: mc
Value: 65079ad6-a179e-94770-acff4
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-i2d9SoQzKUuQM3xKhDdgRIllek2QMy4b22aNrhBx&KRTB&19420-i2d9SoQzKUuQM3xKhDdgRIllek2QMy4b22aNrhBx&KRTB&22979-i2d9SoQzKUuQM3xKhDdgRIllek2QMy4b22aNrhBx&KRTB&23403-i2d9SoQzKUuQM3xKhDdgRIllek2QMy4b22aNrhBx
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.audrte.com/ Name: arcki2
Value: 09bo2VABlRHRTCk3nLiPn4VoQ!20220908!1694997206680!ip#176.115.236.197
.audrte.com/ Name: arcki2_pubmatic
Value: CDF5C54A-BB13-4947-92D2-11543465E1E7!20220908!1694997206682
.nine.com.au/ Name: NUID
Value: 05dd85d04dce41ee96f2a2ce06dca0a4
.afr.com/ Name: NUID
Value: 05dd85d04dce41ee96f2a2ce06dca0a4
.afr.com/ Name: __gads
Value: ID=36d3d6d6add41ca7:T=1694997206:RT=1694997206:S=ALNI_Mba5ElVFTwIoT60qoZteQLYGKjOTw
.afr.com/ Name: __gpi
Value: UID=00000c781a6abc50:T=1694997206:RT=1694997206:S=ALNI_MZhiVAJCdrpQS5Xe7CUwK74YQiSbg
.audrte.com/ Name: arcki2_ddp2
Value: 09bo2VABlRHRTCk3nLiPn4VoQ!20220908!1694997206836
.amazon-adsystem.com/ Name: ad-id
Value: A4Gx3T5NsEUcmNeWCLKUVUs
.rubiconproject.com/ Name: audit
Value: 1|Xojh4nxDDtMVjznSO+J509ewUYab+dvizKIOfKaoi6VE5EUBbN0nqAOQvoAnc6eqinkd++ykVUFBK03vAHceEOzJ7rckCi5uN6Rd9nBUoEEy1O4J8TKWTHXG9VLRUjIgfykqbog+89tRunXTGtUPYzSzAmd73aTd5cmAxi7+9V1o8946LEpae9kIb4G5wtpyAWUOhSrDlPzc6UO785F0Pw==
.audrte.com/ Name: arcki2_adform
Value: 6271803876878150225!20220908!1694997206968
.advertising.com/ Name: A3
Value: d=AQABBNeaB2UCEEKVKrw0UDTgIpL2Vw0sqfQFEgEBAQHsCGURZdwu0iMA_eMAAA&S=AQAAAv81gZb54X7BJl4WqOcz4K4
.demdex.net/ Name: dextp
Value: 358-1-1694997204225|470-1-1694997204246|481-1-1694997204295|466-1-1694997204453|771-1-1694997204520|782-1-1694997204565|832-1-1694997204579|23728-1-1694997204636|30064-1-1694997204696|30646-1-1694997204701|6835-1-1694997207226|19566-1-1694997207237|72352-1-1694997207275|66757-1-1694997207291|796-1-1694997207305
.3lift.com/ Name: tluid
Value: 2767998857146342851947
.krxd.net/ Name: _kuid_
Value: PzWqKyOA
.fwmrm.net/ Name: _uid
Value: umo14a8_7279963104043845630
.pubmatic.com/ Name: SPugT
Value: 1694997207
.ads.pubmatic.com/ Name: KCCH
Value: YES
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: pi
Value: 158309:4
.pubmatic.com/ Name: DPSync3
Value: 1696204800%3A235_201_227_226_219_197_245_241
.pubmatic.com/ Name: SyncRTB3
Value: 1696204800%3A3_220_55_13_21_71_54_8_233_166_234_56_251_165%7C1695600000%3A15_223_2%7C1696291200%3A35%7C1695859200%3A63%7C1697587200%3A203
.adfarm1.adition.com/ Name: UserID1
Value: 7279957579472828575
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7279957579472828575&KRTB&23369-7279957579472828575
.bidswitch.net/ Name: tuuid
Value: 8d425a76-d1c4-476e-b962-ec93a2e8c69f
.bidswitch.net/ Name: c
Value: 1694997209
.bidswitch.net/ Name: tuuid_lu
Value: 1694997209
.csync.loopme.me/ Name: viewer_token
Value: 830c91fa-bf52-4e68-a858-d442629aba8e
.onaudience.com/ Name: cookie
Value: b6ab99630b730c59
.onaudience.com/ Name: done_redirects219
Value: 1
.rqtrk.eu/ Name: browser_id
Value: 1:e0341900-60f4-4f65-9aaf-ce4dba17f75f
.bidr.io/ Name: bito
Value: AAG9yE7KDzYAACaQhQCtCQ
.bidr.io/ Name: bitoIsSecure
Value: ok
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-8d425a76-d1c4-476e-b962-ec93a2e8c69f
.pubmatic.com/ Name: PugT
Value: 1694997209
.semasio.net/ Name: SEUNCY
Value: C76301980F910E3A
.smartadserver.com/ Name: pid
Value: 4502263201551589807
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 127:AAG9yE7KDzYAACaQhQCtCQ
.zeotap.com/ Name: zc
Value: 2566843b-0762-4583-7976-d44100bd95a9
.zeotap.com/ Name: zsc
Value: %C4%E1%B1%1D%08%B4%EF%2AnYiH%F42H%AD%0BC%F7-%11%09%81s%B8%3A%B5~%1B%BE%E3%40%BAH%60%11%C9%5B%AF%A7%F3%93%DA%D6%F7N%D2%5B%1D%01%DB_%3D%F1u%FA%A1%8AR%E5%0DzB%1F%15%1FiL%C5%A3%02%7F%D50S%D7%FBl%FAz~%86%D9
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-4608482896472353189&KRTB&23150-4608482896472353189
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-47a4db3b-6cdb-5f1f-5744-0cefa0886db8.7oGpgH8wjTj%2BghkdF4iiIBEleX014NR2DZKAEuTxO3o
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-47a4db3b-6cdb-5f1f-5744-0cefa0886db8.7oGpgH8wjTj%2BghkdF4iiIBEleX014NR2DZKAEuTxO3o
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AR6TbO2zbXx9XRAzvoIhtuLBz7MU.0tKAQd37qyAz%2F84a7VXvRG7gVbubM0ui%2BmReJj27R9s
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AR6TbO2zbXx9XRAzvoIhtuLBz7MU.0tKAQd37qyAz%2F84a7VXvRG7gVbubM0ui%2BmReJj27R9s
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIP167pzBRq6wb01mTv9aztYNQ-Z0g7kD58JkHJ7vBnfsEHwYBCDZtZ6oBjABOgT2YRj6QgTuxEra.8EAaL900c7SQN509hqsIFWQbFfo8dpKA9q0fq9kXick
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIP167pzBRq6wb01mTv9aztYNQ-Z0g7kD58JkHJ7vBnfsEHwYBCDZtZ6oBjABOgT2YRj6QgTuxEra.8EAaL900c7SQN509hqsIFWQbFfo8dpKA9q0fq9kXick
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-R6TbO2zbXx9XRAzvoIhtuLBz7MU&KRTB&23334-R6TbO2zbXx9XRAzvoIhtuLBz7MU&KRTB&23417-R6TbO2zbXx9XRAzvoIhtuLBz7MU&KRTB&23426-R6TbO2zbXx9XRAzvoIhtuLBz7MU
.dotomi.com/ Name: DotomiTest
Value: 7be5fc9b137c1669
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAH9jeurEIDAAMj2Sh2AAAAAAA&KRTB&22713-AAAH9jeurEIDAAMj2Sh2AAAAAAA&KRTB&22715-AAAH9jeurEIDAAMj2Sh2AAAAAAA&KRTB&23519-AAAH9jeurEIDAAMj2Sh2AAAAAAA
.contextweb.com/ Name: V
Value: Jbjib72txGeB
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1mx7|7dN.0.AAG9yE7KDzYAACaQhQCtCQ
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: dce0e20b29fcfc85
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAG9yE7KDzYAACaQhQCtCQ

4 Console Messages

Source Level URL
Text
network error URL: https://api.beyondwords.io/v1/projects/34966/player/by_source_id/p5djph
Message:
Failed to load resource: the server responded with a status of 404 ()
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=CDF5C54A-BB13-4947-92D2-11543465E1E7&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ups.analytics.yahoo.com/ups/28/sync?uid=41744988649025680772310364721195617473&_origin=1&redir=true
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10510523.collect.igodigital.com
12281244.fls.doubleclick.net
12393262.fls.doubleclick.net
6633783.fls.doubleclick.net
a.audrte.com
a1288a54e242ac80cc9429eac75a7cd5.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
adc-js.nine.com.au
adc.nine.com.au
adkit.9pub.io
ads.playground.xyz
ads.pubmatic.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
alb.reddit.com
analytics.twitter.com
api.afr.com
api.beyondwords.io
api.btloader.com
au-script.dotmetrics.net
beacon.krxd.net
bh.contextweb.com
btloader.com
buy-au.piano.io
c.amazon-adsystem.com
c1.adform.net
c2-au.piano.io
cdn-gl.imrworldwide.com
cdn.cxense.com
cdn.evgnet.com
cdn.indexww.com
cdn.jsdelivr.net
cdn.linkedin.oribi.io
cdn.parsely.com
cdn.pdst.fm
cdn.tinypass.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
comcluster.cxense.com
config.aps.amazon-adsystem.com
connect.facebook.net
cr.frontend.weborama.fr
csync.loopme.me
d.adroll.com
d.turn.com
d2uhnetoehh304.cloudfront.net
dis.criteo.com
dmp.adform.net
dmp.v.fwmrm.net
dmpsync.3lift.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fairfaxau.demdex.net
fairfaxau.sc.omtrdc.net
fairfaxmedia.gscontxt.net
fastlane.rubiconproject.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
htlb.casalemedia.com
i-dev.ffx.io
i.ffx.io
ib.adnxs.com
id.cxense.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image5.pubmatic.com
image6.pubmatic.com
js-sec.indexww.com
l.ffx.io
mab.chartbeat.com
match.adsrvr.org
match.prod.bidr.io
mb.moatads.com
mwzeom.zeotap.com
nd.demdex.net
news.google.com
nova.collect.igodigital.com
p1.parsely.com
p1cluster.cxense.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-sync.sitescout.com
pixel.advertising.com
pixel.nine.com.au
pixel.onaudience.com
pixel.rubiconproject.com
pixel.weare8.com
platform.twitter.com
play.google.com
pr-bh.ybp.yahoo.com
ps.eyeota.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
ramqgrikhxntouhb6dnnciyrg9ltu1694997204.nuid.imrworldwide.com
region1.analytics.google.com
rm-script.dotmetrics.net
rtb-csync.smartadserver.com
rtd-tm.everesttech.net
rtd.tubemogul.com
s.amazon-adsystem.com
s.yimg.com
script.hotjar.com
secure-au.imrworldwide.com
secure-dcr.imrworldwide.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
siteintercept.qualtrics.com
sjs.bizographics.com
snap.licdn.com
sp.analytics.yahoo.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.ffx.io
static.hotjar.com
stats.g.doubleclick.net
strangersponge.com
sync.adap.tv
sync.crwdcntrl.net
sync.srv.stackadapt.com
t.co
t.pubmatic.com
teenytinyshirt.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-central1-adaptive-growth.cloudfunctions.net
usermatch.krxd.net
ws.rqtrk.eu
www.afr.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.redditstatic.com
x.bidswitch.net
z.moatads.com
zn1zw3m3dlvzezje2-nineresearch.siteintercept.qualtrics.com
104.16.88.20
104.17.194.118
104.17.209.240
104.17.25.14
104.18.13.194
104.18.223.248
104.18.24.18
104.18.27.193
104.22.25.87
104.244.42.67
104.244.42.69
108.138.4.59
13.107.42.14
13.224.189.123
13.224.192.181
13.225.78.35
13.225.78.4
13.225.78.58
13.32.121.65
13.32.121.94
13.35.255.75
13.55.162.157
130.162.160.243
130.211.23.194
141.94.171.216
141.95.32.72
142.250.184.194
142.250.184.195
142.250.184.206
142.250.185.132
142.250.185.161
142.250.185.200
142.250.185.98
142.250.186.163
142.250.186.174
142.250.74.206
143.204.214.71
143.47.190.59
146.75.116.157
151.101.1.108
151.101.130.133
151.101.130.49
151.101.193.140
151.101.194.133
151.101.194.202
151.101.194.49
151.101.64.114
151.101.65.140
157.240.201.15
157.240.201.35
167.235.124.60
172.217.16.130
172.217.16.194
172.217.18.102
172.217.23.102
172.67.69.19
172.67.70.134
178.250.1.9
18.203.183.215
18.66.112.78
18.66.112.9
18.66.122.30
184.30.16.195
184.30.17.133
184.86.251.89
185.64.189.112
185.64.190.82
185.64.191.210
185.86.139.102
192.229.233.25
198.47.127.19
198.47.127.20
2.21.20.141
2.21.20.155
208.93.169.131
209.54.182.161
212.82.100.181
213.19.162.41
216.239.34.36
216.239.36.54
216.58.206.34
216.58.212.129
23.212.213.4
3.124.69.248
3.127.178.105
3.144.50.131
3.234.106.202
3.71.149.231
34.102.253.54
34.110.168.46
34.110.181.170
34.111.129.221
34.111.131.239
34.111.134.78
34.199.23.6
34.249.4.25
34.253.121.178
34.91.62.186
35.156.100.108
35.190.80.153
35.214.215.84
35.244.142.80
35.71.131.137
37.157.3.30
37.252.172.123
44.219.176.120
46.228.164.11
46.228.164.13
52.18.164.186
52.18.182.246
52.222.236.63
52.222.236.78
52.64.218.213
52.94.222.140
54.158.55.205
54.194.110.112
54.210.220.158
54.211.118.49
54.246.166.234
54.66.82.44
63.140.62.22
63.33.121.220
63.34.81.234
64.158.223.140
66.102.1.154
69.173.144.165
72.251.245.181
76.223.111.18
77.243.51.121
85.114.159.93
87.248.119.251
91.228.74.244
95.101.149.233
98.98.134.242
99.81.218.56
99.86.4.107
99.86.4.128
04142857a43c3bf04f03b182ac95d7a519e9c85ec50f44247edd23f951232d98
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06f3fd2f38c9a5cb102b6c407322b7deb9a618aa38ff2217ed3a7d9c19cc89e2
07275140ea3f47293d4f8a51d785a766eb1c94e4ae087f7c60c5bd611328ac86
07a7e43a30c29cd24df54879f4fc788b60a76962f3b3c5623717c19762240225
07eb86d32844a4bae782c9a243f8db9a435b9fa116c5b19f7de310789b9d63a8
0873aec3ccdf4dcc11523da143b04722167554c1b30ed4dc1fe4d0e2b1ab1aa0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d02fe973621da1d3469bed7ada2ec623f43200ea16a50f4d1d6966c7b9ee106
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0eafa55998d0d61f477653cb15168105c06763c74aaebe8ff7e55da98457f030
0f7f22f2872f88cca7b3addb165c73d38e78ec21a055c749b12f15652ff97636
116f5371289b5d493bc6f6921ef995663397e1639750895951013e82d9ae7578
117ed873640b992e38f34a0a761dd3e1cda6b3c24c9507bb3adc0323039f8ff1
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cf0bc8388a9d4e094982c58c577ba561f298b5dd386fb0653c90eb0db5ea09
1a276d307b627cb4b6c187aa5a3249b1df36c36e455c5d024dee3825a82179f2
1bc03d57c1b968a96bb1036039a0e01257c19a0c4fabddce9e22fc9459aa637d
1c631ed061f5330a51a56ea8e76c364a031e2a3a999b8a6af0b6c1c630900210
1ffb8705ccd5aa6a208059cd0b7ddebf61f540aa4c41c104aa9b7059ec7d7e9d
2240ebc38ba06fc2d24a711c469627765d3bfeb5750cb91371c26501f744dd40
2511f97f0c01a302b753d9697deba3a0bc995f3ea0ec5ac7e9db919cdb7d44f5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
269c614f28c2a9470a6f1c3642a1734986a949f9272a0ce52e1c9d7eb888028f
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f1b3c20947609880fa669248919d46ad2b26b995cd8f7e2f3d764dff3e47bdb
2f46926d81be4472495e6dc6a8789d7fc9ffb6acb270b4f6462720e0332fe718
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
321f92ae61e78e3331b57c52504c5207207020346418626c42bc257a63641977
338140f080782dd9fc999b9c240cde15f599e7ffd10b3fd3d9085717d38ad8d3
3604593299255fb95aee4eeb8f0ef97b923c0dfd3dde91a1dbb9ef35fd1c532b
37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93
37f85b3c01741cf3d709e5049947055cc6240e11409e03d5b183d469e231ee4b
38814c5240d913c5270db8b8c3eae9f192489b2d2752b63c30562c4287f70015
3c760a606353760014d08b3793254496cdc452f3b73a44e7ba370df1880abf73
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e3605a50f63f4cbdd2dace46871df9ada77e657abb38bc7ad64b60179b982dc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
42e8aa892f98807c2b3f49f7c83002b605e357c9463e8a3fbaeffa805fae5bcc
437418fca3c9a4099c883f257c5fd32c14d79eced6ab73a70ffefa5dfe308651
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4503a96761d75df071ba372631042502bf297ad7eea734dcb9dd36e82b32ee8f
463faad63e59f653f8367ca1bd38629a240ebd4f2165c313e660933acc322b04
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a235820d360ed8a2acf3fc06ecfad2c518818268ecc46844b73c841092900a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
49d65831c7e98a7d885d223699a41198204329efff9d1904c8af71323f613d68
4a4c28fe60f687d2f08bc151c50e74e6fcbd7c1e0d8248007e6610b9966b08dc
4b1b2fced533d7b2c231e1b31bb0423725b8b56f9d3ce144a163558674de05fb
4d8eb08b64666df2b7ee524dc3bfbcec510924f671e4614700ab286c4f528937
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f405a6f2500b77db228fbc3562f99c4df9fa16da181f56780c9f0cb2d35c715
4fc701d332d11127f33ab265d15e3ee79bef42c5cf16fd6547cb375acda2f47c
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
50fd09ca33ad472a74c132aef209b4568bfc7fbbf08cd86981e529c9b6dcb20c
538169f78667003113493de4800bdc406db5ac368d158d5b193561315e2b4e20
5486c43323e68c7619f291c9391f6d7bb7206fa7971df5e74bd0132d8c665d2c
54b3121637851046e882df8591a9f2c4472adc2f0c39290cd583e9fccf1aace0
555ba91c0737e118db5cc53b2a84d270db79476962ef7901f5d98b188243988a
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
594b1880b788bef3e6ca9c9791268c5fbaa6a853e36995a0349f16c87b7a677c
5a711c4e43a7524d926c437385be85fb0d12cb063920db6a68bfd433cef8c730
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5eda828f570543dc23e19f4b8540bb1b6c3bda315e56cbec88a24b977177fdbf
60c47b9290bfb66460eec2c0b3cfe14fed2704553f8b93fae74044a2737ae541
60de5b1e7cdbab68fcd0a8433cf1cac6e85895fc405d8550bd0142a4599340a1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62b28569a733e072413ed1649ad9fd346e6fa5ee81327522c04dcc409606fc77
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
685e154bdd3e99c0672f23c6b033893fa83d68cc8ec78bc7290e9bf5af288153
685ee1f5e122fdc218b11e4589efbbfc2c567087e94b65062b13c290aae43a6e
697bf03507cb46ce624b80facfb229e0261d7aa5b26c7fe15000c7a754ad4c47
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6eaca64feebc3de76c12df11756c5fe33c4f754e24b8cac68a276824c64382d1
714892f1fc598fef48b0331e7af69cdac69bfb2cec684d199b8650da4a278c75
7203b0a51ae0db14275057307bd77e61c548ac20be290083098d8fa210799a59
72e60b6eb3be9d5d931fdeb84475759aa558145f9a848f1804423f5b1e611ecc
735b036f29856a2e705597d1918e33a73d0009d8bd0e5cc50bcbddf4210346c7
7553064948d4102e634d107f03e7368b9d5d7b8a5b3e1c70f6ce636ae437a084
75ccc7edd01b4b7d7c464ad18ef3232c88e87877c2a3018e3113bc3c8b3640df
75dcf84f6ecb2cb56fef9043344d3478309d3e5727a7705072719dcc22babfd6
76ac7e86a34946e8010f4b5ec1067d3a5ade819e42e3ae7d06e0409d81451ad5
7a1ddfd8ee7dbab825e8de08a275cf5a6312d81765337dcd59aef6e270de382e
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7cec63d1a3b495c1d73a4b419be6ee77fec15aeef57533081716f4a8e262f126
7cf5af3e86901f0074cf522e48625430e3848ba4c7e998d83168729ccb806edf
7e940f7af0bda63a45fc21c7529c9be3b8834b5bcdaa3afaea07fe38fa876c9b
7eb3e82281d070809aabad8fdf1e439f052b836cf8b0471de65b627d5a956afd
817348cab66884df28c03e018348aa6033949b939be7de3f9d3b42695d41545c
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e75831b74126414123fe9ed90d420ad5a9efd317573ce65bb2eadb62bd824f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84f26717d5ec530c327af115a93f9f59b79cefdcb48e1e41295b5f389a97de71
8573ecbf492be60781e182db8d4c0ae5f6c71cb71cf6f48e6147f4a0119646b1
85a83f5dd7e91e704612bb90f4cde11659978a75d7fd46aa32efa6618e28d9ad
85b23ef2b5d148948a0e393c8af051177f818b7fb18cda003998916666caabee
8774018c1144b86e36ee08be52ead31829085c7f81669101e728e6d3edc9b18b
880f8eddec058f571f7c6d778206ca2965c201591f3532bfb5d4de4de9ad80ec
88af976ada95b76a78536361981757870be4148a869a17515646c381efc8fdc7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f3d6cd99bd2d627dcf124c8c449a70556f01f1ca12bcc67ea59d6c37e2f0add
90c4934897a20a6b6f49bbbfb64eb9fac2d477a2e375ee78e70e6a6bb8194c63
91093a6e6b8ca5ac7fd23a1567462b54a58b08bd6ab1faa651ed7d2cad430960
918f6fef2671add0c34e4265bacb09f8fcb0d3ed95fbf018eb0d95dd8ab59644
93c0e8684d4064f5f82746b394c5abe14c85f36889a5cfcba2d2d6ce631ea479
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
9685145fc6691742536e349a2953828a84fd729012f34f00cb09b8a26f713b6f
975bc24cbaa24310fb1f20cf523c1b60d3951bef329f9972741940a7258775c2
9818a857627f6d7edd433bed71814155b78019dfad67db10bd2e10d14f7a41af
987c2265562d477bd70cbb53fb23e2b6565ce67adf9d2d42786402116110ec45
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9baafe295a2c10f302c9cda8a96f98a2b73e6ead991a4663f4ae8014a6169df3
9d0980f4f630b76580eedd2ef72c78f094d4d006a9cce10f0242d6134a0554a2
9d56b0298b3dc0fab72c5cf8a678d7f609693eaad6d12bc08e9374d5b73900b9
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a195f754fc9029746c989a7e99b775c01da4c2f1c924928c2e6644f2e3cb7e34
a44fb6a26732b7892f2802aee69fb0413ecd26b508b5c79720a48c485f4889ee
a5ff935b8023897a83befbded76ec4f7d60037e254183847c7b1003aa306cdc3
a73237a07cec4d81b7cb7995220839f554e2e8936e5d5ae25cc47753f9737c07
a7e33547d007cea7c7c3e33abe5ca781eb00059eac5c1e9e5292cb8011f1f925
a80127d7982c6066077f88f7fb21e31e8823fd0fd792133e7c78901f3e7c6500
abd6ddb198092af7116da7cf320779a38dde7fb7779d58a6c4f659d1d4f3a901
ac48bd8b3cb7f53c0e9f95053c5657a26ab8fd6e404a2068395262f8c3de5535
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acf3b5b3ade1391096f23120b725a032dce430448ba8aff2a6f0c3f9c598b2a3
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2bbac8ef34bc3259e9b5f3d6d8a40d386f96abe7dc45d926fc76ee7ca2dd45a
b460d56dd27b62df333537db25d28e7e5ace33535bf4c7d7d767bdbc687a8dd9
b5b1c039ad2eb5186c6672002b75fa3ee53f358b418c712ad4c1ea086ef072ed
b7d61d1af5acb6c837ba89d4b175974d0010c8a25a9056710aa4f2c6e8b93063
b98680b48e78c31e2d01074a7d0836baab5fa9c0f6c16976effbd7a95b7b39b6
ba03c55c3966c58cf6327b2436d0ed90db7224664f222081304869f70c18df38
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcf86c48df6f76b921cce4d3b354c52312027494dbac002cf58ff39ca8593ff5
be36cf242d7b206d66842ab5b36af859b780372bba70cb5d72acda2626ffe52e
bf2a08730c912b41fecfa5d1f56af97d630c10c3ed286457fc68b3cb3533e7f7
bf5ff476eadc414cffec170c407b228070e8516b386b449d49d5728aa86296bf
c05d74cd2d25f8071e3227bd2f4800ee82c5e20af4336403ac5cf3b0177c2606
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c1e9510079704b81b083e51700f25a88ddd444272ae498f3b5cd06deb164bfd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4f05c6325c565802a79411546b7d671abca2432db9a18e27f8b94b634ee02f7
c6107c1c1f1588cac73cb68d83222515b12c5dbf7f988fd0c39b4ff16414d3bc
c84d6be661d4efada7e358aa83934aee338445a6234e143a750fd135655a5c46
c8c2d32e217b202aa389a13dcf22b80f7975551e7ebc3b054ea3dd2bf51c16e8
c99bb554f568a8bfa9c4ebf178407e1fe47e531cd6f1a8f520d3b5c6942deb50
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb83af0eec1fb71fb35196225c4a4a8964b7e47b52f9a85679c808907abd2b09
cb8d40d1eb7e2dc885affcf0012d9e1a73c270d843e8b890d36538e52d0a0342
cc0ce9702ca4d0ef38cb0ca1e3376b29775e04ebf28b53f340943ab32c317d44
cc88f3441ac470237fb505fa8330ae345fe2764fb7a8110dac3daabb485d63a0
cdb2d45484ccbd8b8afad0df13bded17e5703ed552705236345f179be5c487c3
ceb7e7451d515842d0296cf388a7e606247a35a3f3db7a7b2b66c1912e311ab6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d16062bb21d4b09656cd191dcbdd707ae7236bf107a45a869e39145424743624
d1ff88c714aba44928db4fed9138fe90d6a5130097c36ec937363eb1e35364f1
d239e70e2a09a1b7c2bd3a149872ce3c13bc5692e20954636b9a9417d5d24e69
d2b400c65cddf356b9056899cc2e34c1df2964e5437eed73e184634679cbbe77
d79f6c54248f5b42ccec7c4b7bcb0fc2428f5c6d313a12a39b2f197f1ba93ade
d7d9f5027e5a9274a0818bb1e8df6d3a3ba857fc29f11e3a39dbbce80b5d501d
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d98cc6e770bf9c71b8758a040222960e918adb20cc1f71f2296ae4f70256d510
dc938f559635297b823b589a07cc4d100e23d822abdf7f6d2cfbd58c2a2d7b6d
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9e49d13a62d10642d41cefc00008df82a7098d1e575498c1e9ff5dca5ff030
df261a1ac56bde3337a39865654b5421ffde8088ae3bea83b628c8c573d46875
df6d19e007b26d02fef81b82a982f7e4de5641f535b6b91a91df4134cafd2c9f
e10391c94fa3ee18888591df80df27c4e45869c2fefa5b964de5646e2ddb9b6e
e1132ef1a0e1e66eb253ec8a331ae9b3607499da22a7ed9e4f4a95d07835fd60
e259ce5f9c5928acd8a4814950b7085ce5519c2ca9fc97cc1131fbcb434160cc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60566140391e341c2fb0139d6a36214cc68a132acfb259cfbeabe5fc5c3790f
e79508a44168446bbd6e0196cf4203b09afad0267cb80da5958172c1ff85c50f
e803e774c7b59fe74f71ed93acaa875cf9a99947ff8ed7615cd0c93c1667250f
e882237c6f66510cfdb11a04947ecf5416fde1de9a841932f18f4faa58956016
e9275a273f5b661b2e1c2ff639b074f4da97733020c642ae2d26c7ef3fb4d41e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f15a785fb9d43f0c100a47e792bc3fa28a6777003288ec972015370e113cd3ec
f55bd8206cc79207d7c5408949d9a425231382ada8b988dbbb3e5fa8cf490dc9
f581f95dda85779a86c872f49d394493b67e8f062b72f0e3a2ab9b42e717e272
f5b77486edd5891eb9ea5bf42880b5c8e241492197b75107dc385a422afe4074
f68ec7cf550e86cb14e4d992724157c4f625ea3f0cd7d06e9e533c17c735401d
f6afd81582d975378e4e80b24ce2267f3d7d9a89daa42d119de83bfb6c087940
f7d55591ace4f2ac460bd2d93ba3a2a48261afdba8a3f55a662fefc81dda8b24
f7d70a188cc9b9d9b7ef6c03d4ef78cff44506cfd92582772416ddc39d865ab8
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
fa84adaa52138db2f2ca946b1e3ce31105a39a9a1f1b5fb25ad456241c2d0e73
fcff9c71b8d8336b9c2aba86ac51ee672c017ffaf18fcb11727186334f995bd6
fdd0c5dfe26ff3888b61cad19a55ed3874ccb74a7ae5f41f3fa0b964811766aa
ff18779bb7f76122171e9faa51b7af30bc0239d361c926489b02032bb5bccb54