www.gq.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/3...
Effective URL:
https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/3...
Submission: On September 01 via manual (September 1st 2021, 5:28:55 pm UTC) from HU

Summary HTTP 222 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 65 IPs in 7 countries across 46 domains to perform 222 HTTP transactions. The main IP is 2.18.233.28, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.gq.com.au.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 25th 2021. Valid for: a year.

This is the only time www.gq.com.au was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 22	2.18.233.28 2.18.233.28	16625 (AKAMAI-AS) (AKAMAI-AS)
12	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
2	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.30.24.194 184.30.24.194	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2.18.234.36 2.18.234.36	16625 (AKAMAI-AS) (AKAMAI-AS)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2 5	13.32.121.17 13.32.121.17	16509 (AMAZON-02) (AMAZON-02)
9	2.18.233.169 2.18.233.169	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
2 4	2a03:2880:f21... 2a03:2880:f21c:80e5:face:b00c:0:4420	32934 (FACEBOOK) (FACEBOOK)
6	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2	2a04:fa87:fff... 2a04:fa87:fffd::c000:42b8	2635 (AUTOMATTIC) (AUTOMATTIC)
2	192.0.77.48 192.0.77.48	2635 (AUTOMATTIC) (AUTOMATTIC)
1	70.42.32.159 70.42.32.159	13789 (INTERNAP-...) (INTERNAP-BLK3)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2016	15169 (GOOGLE) (GOOGLE)
1	2600:9000:224... 2600:9000:2240:800:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
14	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.112.31 18.66.112.31	16509 (AMAZON-02) (AMAZON-02)
1 2	2600:9000:223... 2600:9000:223c:5c00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2600:9000:224... 2600:9000:2240:4800:2:42d9:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY)
3	44.197.35.129 44.197.35.129	14618 (AMAZON-AES) (AMAZON-AES)
1	13.32.121.26 13.32.121.26	16509 (AMAZON-02) (AMAZON-02)
2 15	52.48.145.41 52.48.145.41	16509 (AMAZON-02) (AMAZON-02)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	52.62.232.61 52.62.232.61	16509 (AMAZON-02) (AMAZON-02)
11	52.50.243.239 52.50.243.239	16509 (AMAZON-02) (AMAZON-02)
1	18.203.33.226 18.203.33.226	16509 (AMAZON-02) (AMAZON-02)
2	15.188.95.229 15.188.95.229	16509 (AMAZON-02) (AMAZON-02)
1 1	34.248.191.66 34.248.191.66	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	54.194.202.134 54.194.202.134	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223f:7c00:1d:667e:2a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3 4	185.33.221.89 185.33.221.89	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (TURN) (TURN)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
10	52.49.37.161 52.49.37.161	16509 (AMAZON-02) (AMAZON-02)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 3	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
2 2	13.248.242.197 13.248.242.197	16509 (AMAZON-02) (AMAZON-02)
21	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
1 1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	199.127.207.182 199.127.207.182	26120 (RHYTHMONE) (RHYTHMONE)
1 1	52.57.150.20 52.57.150.20	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 1	52.70.197.1 52.70.197.1	14618 (AMAZON-AES) (AMAZON-AES)
1	54.72.203.75 54.72.203.75	16509 (AMAZON-02) (AMAZON-02)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
10 10	151.101.14.49 151.101.14.49	54113 (FASTLY) (FASTLY)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
1 1	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1	2a04:4e42:3::300 2a04:4e42:3::300	54113 (FASTLY) (FASTLY)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
222	65

22 2.18.233.28 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-28.deploy.static.akamaitechnologies.com

www.gq.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content.api.news	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.24.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-194.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.36 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-36.deploy.static.akamaitechnologies.com

cdns.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdns.au1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.32.121.17 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-17.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.233.169 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-169.deploy.static.akamaitechnologies.com

tags.news.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f21c:80e5:face:b00c:0:4420 (Frankfurt am Main, Germany) 2 redirects

ASN32934 (FACEBOOK, US)

www.instagram.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffd::c000:42b8 (Ireland)

ASN2635 (AUTOMATTIC, US)

origin.go.gq.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.77.48 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: s.w.org

s.w.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.159 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2240:800:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.31 (United States)

ASN16509 (AMAZON-02, US)

au.tags.newscgp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:5c00:1e:a43d:b640:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2240:4800:2:42d9:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.197.35.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-35-129.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.121.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-26.fra60.r.cloudfront.net

cdn.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.48.145.41 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.62.232.61 (Sydney, Australia)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-62-232-61.ap-southeast-2.compute.amazonaws.com

accounts.au1.gigya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.50.243.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.33.226 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-33-226.eu-west-1.compute.amazonaws.com

newscorpau.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

metrics.gq.com.au	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.248.191.66 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-191-66.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.194.202.134 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-202-134.eu-west-1.compute.amazonaws.com

secure-sdk.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:7c00:1d:667e:2a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

2cf7quzlbkmuz2x7nlyamnygmam1m1630517316.nuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ffbb7f2d4085dc9b8246ac046f570f76.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.221.89 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.49.37.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.130 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.242.197 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

image5.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.127.207.182 (United States) 1 redirects

ASN26120 (RHYTHMONE, US)

dt.scanscout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.57.150.20 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.197.1 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-197-1.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.72.203.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-203-75.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 151.101.14.49 (Frankfurt am Main, Germany) 10 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.45 (United Kingdom) 1 redirects

ASN3356 (LEVEL3, US)

sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	adsafeprotected.com cdn.adsafeprotected.com pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	484 KB
23	googlesyndication.com pagead2.googlesyndication.com ffbb7f2d4085dc9b8246ac046f570f76.safeframe.googlesyndication.com tpc.googlesyndication.com	90 KB
21	doubleclick.net 3 redirects googleads.g.doubleclick.net static.doubleclick.net securepubads.g.doubleclick.net cm.g.doubleclick.net	166 KB
21	gq.com.au 1 redirects www.gq.com.au origin.go.gq.com.au metrics.gq.com.au	1 MB
17	taboola.com cdn.taboola.com trc.taboola.com am-trc-events.taboola.com pips.taboola.com cds.taboola.com	167 KB
16	demdex.net 2 redirects dpm.demdex.net newscorpau.demdex.net	20 KB
11	everesttech.net 11 redirects cm.everesttech.net sync-tm.everesttech.net	2 KB
9	imrworldwide.com 1 redirects secure-gl.imrworldwide.com cdn-gl.imrworldwide.com secure-sdk.imrworldwide.com 2cf7quzlbkmuz2x7nlyamnygmam1m1630517316.nuid.imrworldwide.com	74 KB
9	youtube.com www.youtube.com	671 KB
9	news.com.au tags.news.com.au	199 KB
6	googletagservices.com www.googletagservices.com	212 KB
6	google.com www.google.com adservice.google.com	14 KB
5	api.news content.api.news	321 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com	3 KB
5	gigya.com cdns.gigya.com cdns.au1.gigya.com accounts.au1.gigya.com	152 KB
4	adnxs.com 3 redirects ib.adnxs.com	4 KB
4	instagram.com 2 redirects www.instagram.com	6 KB
3	casalemedia.com 2 redirects ssum.casalemedia.com dsum-sec.casalemedia.com	2 KB
3	chartbeat.net ping.chartbeat.net	601 B
2	1rx.io 2 redirects sync.1rx.io	900 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	openx.net 1 redirects us-u.openx.net	286 B
2	krxd.net 1 redirects usermatch.krxd.net beacon.krxd.net	529 B
2	pubmatic.com 1 redirects image5.pubmatic.com image2.pubmatic.com	761 B
2	adsrvr.org 2 redirects match.adsrvr.org	935 B
2	rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	453 B
2	google.de www.google.de adservice.google.de	273 B
2	perfectmarket.com widget.perfectmarket.com	32 KB
2	gstatic.com fonts.gstatic.com www.gstatic.com	17 KB
2	w.org s.w.org	1 KB
2	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	789 B
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	tiqcdn.com tags.tiqcdn.com	21 KB
2	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com	62 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	475 B
1	facebook.com www.facebook.com	1 KB
1	bluekai.com 1 redirects tags.bluekai.com	713 B
1	eyeota.net 1 redirects ps.eyeota.net	418 B
1	scanscout.com 1 redirects dt.scanscout.com	692 B
1	turn.com 1 redirects d.turn.com	402 B
1	googleadservices.com www.googleadservices.com	14 KB
1	newscgp.com au.tags.newscgp.com	48 KB
1	googletagmanager.com www.googletagmanager.com	38 KB
1	chartbeat.com static.chartbeat.com	23 KB
1	ytimg.com i.ytimg.com	7 KB
1	ggpht.com yt3.ggpht.com	1 KB
222	46

	Domain	Requested by
21	dt.adsafeprotected.com	www.gq.com.au
17	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
17	www.gq.com.au	1 redirects www.gq.com.au
15	dpm.demdex.net	2 redirects www.gq.com.au tags.news.com.au
14	securepubads.g.doubleclick.net	tags.tiqcdn.com securepubads.g.doubleclick.net www.gq.com.au www.googletagservices.com
11	pixel.adsafeprotected.com	cdn.adsafeprotected.com www.gq.com.au
10	sync-tm.everesttech.net	10 redirects
10	static.adsafeprotected.com	pixel.adsafeprotected.com www.gq.com.au
9	www.youtube.com	www.gq.com.au www.youtube.com
9	tags.news.com.au	tags.tiqcdn.com au.tags.newscgp.com
9	cdn.taboola.com	www.gq.com.au cdn.taboola.com
6	www.googletagservices.com	securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	www.google.com	www.youtube.com www.gq.com.au securepubads.g.doubleclick.net tpc.googlesyndication.com
5	content.api.news	www.gq.com.au
5	sb.scorecardresearch.com	2 redirects cdn.taboola.com www.gq.com.au
4	ib.adnxs.com	3 redirects
4	cdn-gl.imrworldwide.com	www.gq.com.au tags.news.com.au cdn-gl.imrworldwide.com
4	www.instagram.com	2 redirects www.gq.com.au www.instagram.com
3	cm.g.doubleclick.net	2 redirects
3	am-trc-events.taboola.com	www.gq.com.au
3	trc.taboola.com	cdn.taboola.com
3	ping.chartbeat.net	www.gq.com.au
3	googleads.g.doubleclick.net	1 redirects www.youtube.com www.googleadservices.com
3	cdns.au1.gigya.com	cdns.gigya.com cdns.au1.gigya.com
2	sync.1rx.io	2 redirects
2	sync.search.spotxchange.com	1 redirects
2	us-u.openx.net	1 redirects
2	ssum.casalemedia.com	2 redirects
2	match.adsrvr.org	2 redirects
2	secure-sdk.imrworldwide.com	www.gq.com.au
2	metrics.gq.com.au	tags.news.com.au www.gq.com.au
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	secure-gl.imrworldwide.com	1 redirects www.gq.com.au
2	s.w.org	www.gq.com.au
2	origin.go.gq.com.au	www.gq.com.au
2	tags.tiqcdn.com	www.gq.com.au tags.tiqcdn.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	sync.targeting.unrulymedia.com	1 redirects
1	www.facebook.com
1	image2.pubmatic.com
1	dsum-sec.casalemedia.com
1	pixel.rubiconproject.com
1	tags.bluekai.com	1 redirects
1	beacon.krxd.net
1	usermatch.krxd.net	1 redirects
1	ps.eyeota.net	1 redirects
1	dt.scanscout.com	1 redirects
1	image5.pubmatic.com	1 redirects
1	token.rubiconproject.com	www.gq.com.au
1	d.turn.com	1 redirects
1	ffbb7f2d4085dc9b8246ac046f570f76.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	2cf7quzlbkmuz2x7nlyamnygmam1m1630517316.nuid.imrworldwide.com	www.gq.com.au
1	www.google.de	www.gq.com.au
1	cm.everesttech.net	1 redirects
1	newscorpau.demdex.net	tags.news.com.au
1	accounts.au1.gigya.com	cdns.au1.gigya.com
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.adsafeprotected.com	tags.news.com.au
1	www.gstatic.com	www.youtube.com
1	au.tags.newscgp.com	tags.tiqcdn.com
1	www.googletagmanager.com	tags.tiqcdn.com
1	static.chartbeat.com	tags.tiqcdn.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	fonts.gstatic.com	www.youtube.com
1	log.outbrainimg.com	widgets.outbrain.com
1	pixel.wp.com	www.gq.com.au
1	widget-pixels.outbrain.com	www.gq.com.au
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	stats.wp.com	www.gq.com.au
1	cdns.gigya.com	www.gq.com.au
1	widgets.outbrain.com	www.gq.com.au
222	77

This site contains links to these domains. Also see Links.

Domain
magsonline.com.au
www.facebook.com
twitter.com
www.instagram.com
plus.google.com
www.newscorpaustraliaprivacy.com
www.newscorpaustralia.com
www.magazines.org.au
www.dailysabah.com
stepfeed.com
www.oprahmag.com
www.newsletters.news.com.au
wpvip.com

Subject Issuer	Validity	Valid
news.com.au DigiCert SHA2 Secure Server CA	`2021-02-25` - `2022-02-28`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2021-04-19` - `2022-04-27`	a year	crt.sh
cdns.gigya.com DigiCert SHA2 Secure Server CA	`2021-03-05` - `2022-03-10`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.www.instagram.com DigiCert SHA2 High Assurance Server CA	`2021-08-12` - `2021-11-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
origin.go.gq.com.au R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
*.w.org Sectigo RSA Domain Validation Secure Server CA	`2019-12-19` - `2021-12-18`	2 years	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
au.tags.newscgp.com Amazon	`2021-01-25` - `2022-02-22`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-28` - `2022-02-01`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.adsafeprotected.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.au1.gigya.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2021-08-11` - `2022-09-09`	a year	crt.sh
metrics.gq.com.au DigiCert TLS RSA SHA256 2020 CA1	`2021-06-16` - `2022-07-17`	a year	crt.sh
www.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.nuid.imrworldwide.com Amazon	`2021-06-11` - `2022-07-10`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh

This page contains 24 frames:

Primary Page: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Frame ID: 8AE521E067BEDBD4B6E0BEA98B812F5B
Requests: 127 HTTP requests in this frame

Frame: https://www.youtube.com/embed/NOyrvdSVTCA
Frame ID: 3B17613634BE7BB7C99E94FF0E862B3D
Requests: 17 HTTP requests in this frame

Frame: https://cdns.au1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_oj8nT6pLj0RTuSjcynrMADEj9iLj5-Aa25sGTeUNKXRbGU349nJtvYR7PoPq-Z9O&version=latest&build=12426
Frame ID: 775530F0225066695E1AF0126A39A2AC
Requests: 3 HTTP requests in this frame

Frame: https://www.instagram.com/accounts/login/
Frame ID: A681DEBA2B3609FA49810A20A466F16C
Requests: 1 HTTP requests in this frame

Frame: https://newscorpau.demdex.net/dest5.html?d_nsid=0
Frame ID: 3C97DA091CFD24240F858EB251B9AB4F
Requests: 22 HTTP requests in this frame

Frame: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Frame ID: F03356889761324BB6ACE641B24DDA9F
Requests: 3 HTTP requests in this frame

Frame: https://ffbb7f2d4085dc9b8246ac046f570f76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F11D6DB343F2E3D759DDB21844FE31E0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9xVkBAgRkhP9CIeV-Y7I8LxBBNYftIYzzYYuBN8MQiQP8F3yFp4Y9HGIC1spd6AADAp61NwAMLylqUL7rcbqf5KTyPWAMBUkonwbdtU72LAZUUlrqFaagrXFZFrPgvyaD81f_YJUdP5DK4YKEGS4gYbF1mdxlPordD1EPFHzOE9Z76qN6l-u-YPNI9DjpkJIHsgRskVQm1P3-JfS5esGclSCUF0qnEfz7KuaLGGTgJ6NmLJ1o-xm2CiWh0_Pt4OFllg-7XSUI19Jeoe4LJ3p9x471Yx7cu19x6yIA6cvTUV5AD1Pzx6GjJz_TijLe-fc3HHvJcyieQd6q_y-d2wsf5HM7oocU8ueZS-s1ra5l5QIiZ5aeOiYdS5jkLo5gelg-Un_SYrpeAgFwL1zTWKmteWCfgm1rvmd6xQ0mpFQu65stz95_-tivUyf66dWHbDIy5m1yxSHPGZP3fMzk&sai=AMfl-YQs-sTmYQvZWzkdMItyA6Pq7YaxwDpiUnUiatxq1k6Mz6C12-wy2eLZF25Q_PpGW8X32WzDktRSbMzO&sig=Cg0ArKJSzB7IA6kj4X1fEAE&adurl=
Frame ID: 5FAC1DC826CCF3F22E34E27A0392EB79
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1wOZMYQfG9wZ31H5g3Z8vPXOOUF0QPfzhA9hAEDX2Iek3WtsxbXUabl03SIny3PtF15nmfx8eWLw43bqZ6Y3zbRT85KC4S3NP9kRR5gU9nCHBSwTgQomY9kDdAS8HMS_UoVnY6daZ5aRXv5pnsCzfyR18qQpQdjbdARIwOBqTvC8l7KC1iv74VODLslRNxFjJNr0-aSS0PK7lbp1-jDUl1mGJVTdjqc6JD3UuoVBxCdyYZ16a99-BuK4nE5BCVWiBjQVMaukI1UxlYkbUUVa8k1yH2RLsMgZqsJDdEJYDaJSwpU8AmrmIqZDbMfBYl0ZRyhLMhKGtcidFUjsaKDay1TzwELLgOW5ekg2l95JeV-OPlzxPto-OeLrQvYu2J1YHJbl-YWBJ7oXoisWo5aM76VIqLjElCIcsSh3y0g_4M0cqZp4Of0gc4CD_yehzjFccnq6dsbTtY2k3zFrz&sai=AMfl-YT94_kxO4RisQatsqgn8gS_fDMSKAq_fXgmIB280Snydfy7c9-Q0-Wuw0uA-2PTFfj-IYFy3eir51PS&sig=Cg0ArKJSzNHF6Uj2AE7FEAE&adurl=
Frame ID: 8D7E136D37AF03390BF3860E2DA63655
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsss_S7tSlwXXsETWsKIylJAK3ZetMxQMbeT0i35GpVNBLSpolA3XV55ROB1qU-bwlfgrM9xkCPKVEwVVIpTiDGwXrgtrQl6-uaiWy41W2FkGL1Z8mwkmQx_DS_XMaEz4d930za_IG_JKUxld0lv9MhdJQenHFJ76GplJp4wSe_1pWl1zrSqomnSP0ATbccE3W-3n5HbqAZJaMBROjOVK621OLtLZaEU6fGQMuCRRae-JJwKLd8Qk4iN7uczv3s6DKAqEA4-udECRJoFrr1Y_RDuL06XYsQnLaSRgbetFCjM_TJrVAWy_n0rsZxpUzBiIBmyXrl_YvqelCPQXLIkC5KBY6RMChMDBAc32K0oiiPrORkSkQ5gUM0N_Np0NRg5pSBLruBrHcOKjvP_rRiTWI-WbeIZBlhBVUOSquqmTIbHfNb9yAMxddMp4UPw3Qx14VCyphm8qCAaq6nQowxZ&sai=AMfl-YQT0bJZin4At2gcp4vjGBlOGViV2zFK5e6oQdbFR9pBAQ4YAjVEc68upUw2NShYJuA27mIIgMm6oACo&sig=Cg0ArKJSzEjkkFF26jvqEAE&adurl=
Frame ID: 9CFCC5C6D6AE0A1A9044168070982BC2
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1p-o1JQKeE-fd17tYhUdif7FHhgb3yz5Vw4_-V9zTaHofkJI1oEStV_LN1y5Ev9x8CuCMEpkPFmvDo3_Bqb2-EOu52YQ6ckXlS-atYFhyuFaQg9kibZii4rO6125Qy9cB4riVqlJlaU1yjDMNoC6gFAO7gIrqsi-a-B8mRxIRVs_bwukdO2s2iu44zYLTNj4T6pyBtb3fw0O_O2wHW28HURkiu6xoXjPe38H4EoCkEejUr3j2_3onVrGyPYvIY5Y5JfTuqh5XXuuDSsQW8fLD_AT4oUolsBq3f-Kl7n30q6zNkkgM5PDt-8nwtiWmKdKR_I4PT1cxVfBA_4vvja8Wf7dpahdxawTXJclMFc9EXcz-vwcYxRuknWnbULdNfmN6CoTbS44hyLlmvbs0KV6QCPtyGkBNcn7y4R5bgfZCswGTwZcptDTpsbbUygaACBWWEm7hxlShgyYCcFKV&sai=AMfl-YRnERDiQQs9VgWRB_KwQq1tB6ajec9cBq2MB3ucujEDyl2sZyyz-ebv3gbnOFWod_zHKcQ5WDtf5nc0&sig=Cg0ArKJSzA5zZfz0TIx-EAE&adurl=
Frame ID: 95F11797D503D0C01A23143A40903715
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHcQWhtBpW8EGdgYnzYoob9_-QjVO0agbZjnfwwTSf3K3PN8ID5orzW930JlFi7HAyj-FsjG5R2QI0Hn9T55lKS7l4CPBEAOvmAgNdHFuUAOzHVFn6jl_N6rVxkBmWHv6cHrfAohyp396X2McZTy8icEiUWIvidM2uAXoFdprZaVEcjBE8MIXNKmOaKgF3SuYl2o84Y4tUoQu4CSyaSaxpTnhwYIoE4jwYgWZzYre726oQzxmOhP34CTaGRsqffsi-yH3-a8nDwDWfO3zVKRMDrCAlFUjlsn1jtsi3HnpEWNlzMvCr-Jb0llXtyWm8oHniuOpTYnlSH-9iZ9z2uwF9xSiFKoShZwdl1-0C9IjznGXk_EpR_-0lvh8D77S5_K0MS4v3nIyDpSJrv6NwZwBUhxn11CRcwFTMh7bUWl4mkU2OBDPaVHNuBAeIz6bLmRGHUmuRQ_mpl37leY_S&sai=AMfl-YSphfWCm-Lf0AhEaVNofsq5C_ITFHIc9-EVrjs0AC6N9uGIi1ASrNoXjJEhOm_kev0lnOW2uKF2qeoy&sig=Cg0ArKJSzModuwLUpReSEAE&adurl=
Frame ID: ED320E702F20ABA29F1444A1F48C6BA7
Requests: 8 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=304039622&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a1-0b4a-11ec-acc2-0a6fa201f3de
Frame ID: 45A22E68EF157A8ACDFF3E57B5A912C8
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=637741299&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a4-0b4a-11ec-acc2-0a6fa201f3de
Frame ID: 0334B0C25BD3391DF5B21307C7E07F4A
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1110897873&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a3-0b4a-11ec-acc2-0a6fa201f3de
Frame ID: 50E3D92B9D4D740F7A96324BF07D254F
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1130347547&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a2-0b4a-11ec-acc2-0a6fa201f3de
Frame ID: 51A0054C29B859C461E2FF4A6DF046CF
Requests: 2 HTTP requests in this frame

Frame: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=427146922&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a5-0b4a-11ec-acc2-0a6fa201f3de
Frame ID: D22034D7E0C15A7ACFB2F27091FCCF96
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 679BA1547EEB5BB007E9E17E38A0C9EA
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 65398614E0CA9E75611FB13ABA83FD0F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: B2CD64B53CEE5DB8C546FDC417A7E6B0
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: B9CB199D4AE59FDEB8866127D094BA46
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 0101B7C19E84562ECF94DAD14E83CBED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9B11A7D7CB60905FD2A944ED4C46FD6A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FE462DFF3EC371EFF09EEACCDDB1B42A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Has Netflix’s La Casa De Papel Inspired Real Life Money Heists? - GQ

Page URL History Show full URLs

http://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money... HTTP 301
https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /\/prebid\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

222
Requests

100 %
HTTPS

39 %
IPv6

46
Domains

77
Subdomains

65
IPs

7
Countries

4095 kB
Transfer

10240 kB
Size

19
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: http://magsonline.com.au/p/k2009GQS
Title: Subscribe Now

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GQAustralia

Search URL Search Domain Scan URL

URL: https://twitter.com/GQAustralia

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gqaustralia/

Search URL Search Domain Scan URL

URL: https://plus.google.com/111041775321218601100

Search URL Search Domain Scan URL

URL: http://www.newscorpaustraliaprivacy.com/
Title: here

Search URL Search Domain Scan URL

URL: http://www.newscorpaustraliaprivacy.com/index.html#optout
Title: Relevant Ads Opt-out

Search URL Search Domain Scan URL

URL: http://www.newscorpaustraliaprivacy.com/index.html#collect
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: http://www.newscorpaustralia.com/brand/gq
Title: Advertise on gq.com.au

Search URL Search Domain Scan URL

URL: http://www.newscorpaustralia.com/

Search URL Search Domain Scan URL

URL: http://www.magazines.org.au/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/miguel.g.herran
Title: Miguel Herr

Search URL Search Domain Scan URL

URL: https://www.instagram.com/p/B4R2K8iDQvu/?utm_source=ig_embed&utm_campaign=loading
Title: View this post on Instagram

Search URL Search Domain Scan URL

URL: https://www.instagram.com/happy_story_14/?utm_source=ig_embed&utm_campaign=loading
Title: Megha Shrestha (シュレスタメガ)

Search URL Search Domain Scan URL

URL: https://www.dailysabah.com/americas/2019/08/07/real-life-la-casa-de-papel-robbers-steal-25-million-in-gold-coins-from-mexican-mint
Title: costing them 2.5 million dollars

Search URL Search Domain Scan URL

URL: https://stepfeed.com/moroccan-thieves-steal-usd15-000-in-france-la-casa-de-papel-style-1356
Title: two robberies

Search URL Search Domain Scan URL

URL: https://www.dailysabah.com/turkey/2018/12/21/5-turkish-thieves-nabbed-in-130k-electronics-heist-inspired-by-la-casa-de-papel
Title: stealing $180,000

Search URL Search Domain Scan URL

URL: https://www.oprahmag.com/entertainment/tv-movies/a28422703/la-casa-de-papel-money-heist-true-story/
Title: some

Search URL Search Domain Scan URL

URL: https://www.newsletters.news.com.au/gq

Search URL Search Domain Scan URL

URL: https://wpvip.com/?utm_source=vip_powered_wpcom&utm_medium=web&utm_campaign=VIP%20Footer%20Credit&utm_term=www.gq.com.au

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe HTTP 301
https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1630517314960&ns_c=UTF-8&cv=3.5&c8=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%20GQ&c7=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1630517314960&ns_c=UTF-8&cv=3.5&c8=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%20GQ&c7=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&c9=

Request Chain 14

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1630517314961&ns_c=UTF-8&cv=3.5&c8=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%20GQ&c7=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1630517314961&ns_c=UTF-8&cv=3.5&c8=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%20GQ&c7=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&c9=

Request Chain 19

https://www.instagram.com/embed.js HTTP 302
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

Request Chain 50

https://www.instagram.com/p/B4R2K8iDQvu/embed/captioned/?cr=1&v=12&wp=540&rd=https%3A%2F%2Fwww.gq.com.au&rp=%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe HTTP 302
https://www.instagram.com/accounts/login/

Request Chain 51

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 67

https://secure-gl.imrworldwide.com/v60.js HTTP 301
https://cdn-gl.imrworldwide.com/v60.js

Request Chain 79

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1630517315838 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1630517315838

Request Chain 91

https://cm.everesttech.net/cm/dd?d_uuid=76468966948559437041532359418872185474 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YS_4RAAAAJWObwQz

Request Chain 101

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6835395103186562102

Request Chain 132

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=2875074148033417874

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzY0Njg5NjY5NDg1NTk0MzcwNDE1MzIzNTk0MTg4NzIxODU0NzQ= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzY0Njg5NjY5NDg1NTk0MzcwNDE1MzIzNTk0MTg4NzIxODU0NzQ=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEE_CrcPAIttNr4nMuV7VIYc&google_cver=1?gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEE_CrcPAIttNr4nMuV7VIYc&google_cver=1

Request Chain 163

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=903&dpuuid=5c848302-9576-43eb-9175-5cc92ede7e68

Request Chain 178

https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID HTTP 302
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s

Request Chain 186

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__ HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1 HTTP 302
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YS.4RY0sp5URf6e1.wOTNQAA%261175

Request Chain 188

https://dt.scanscout.com/ssframework/uid?UIAA=76468966948559437041532359418872185474&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D HTTP 302
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-4ab0ba9f1dab69d3398b49cc5704c00d

Request Chain 190

https://ps.eyeota.net/match?bid=6j5b2cv&uid=76468966948559437041532359418872185474&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Request Chain 195

https://usermatch.krxd.net/um/v2?partner=adobe&id=76468966948559437041532359418872185474 HTTP 302
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=76468966948559437041532359418872185474

Request Chain 198

https://tags.bluekai.com/site/43981?id=76468966948559437041532359418872185474&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID HTTP 302
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Request Chain 201

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=YS_4RQAEJ53ncQBg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVNfNFJRQUVKNTNuY1FCZw==&_test=YS_4RQAEJ53ncQBg

Request Chain 203

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=YS_4RQAEJ0fpIwBg HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YS_4RQAEJ0fpIwBg&expires=90&_test=YS_4RQAEJ0fpIwBg

Request Chain 207

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS_4RQAEJ53ncQBg

Request Chain 208

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=YS_4RQAEJ0fpIwBg HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYS_4RQAEJ0fpIwBg

Request Chain 209

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YS_4RQAEJ0fpIwBg HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YS_4RQAEJ0fpIwBg

Request Chain 214

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS_4RQAEJ0fpIwBg

Request Chain 217

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YS_4RQAEJ0fpIwBg&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YS_4RQAEJ0fpIwBg&img=1&__user_check__=1&sync_id=0b02c874-0b4a-11ec-a246-1a7cb9e30106

Request Chain 219

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YS_4RQAEJ0fpIwBg&t=2592000&o=0

Request Chain 221

https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D HTTP 302
https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1630517318417 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-c72b447b-b8e0-40b1-a0a2-c8d2a2aa857f-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-c72b447b-b8e0-40b1-a0a2-c8d2a2aa857f-003 HTTP 302
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-c72b447b-b8e0-40b1-a0a2-c8d2a2aa857f-003

222 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request 37feda706e2193b852cba885010c71fe Show response
www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/
Redirect Chain

http://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

88 KB
29 KB

616ms
518ms

Document
text/html

2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

fd99192ea5db6810e236fe68153b3e1407e6a564ac3d853d0272aac6065eabd1

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Host: www.gq.com.au
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Server: nginx
Content-Type: text/html; charset=UTF-8
X-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
is-https: true
Vary: User-Agent Accept-Encoding
X-rq: ewr4 0 4 9980
X-XSS-Protection: 1
X-Content-Type-Options: nosniff
Host-Header: a9130478a60e5f9135f765b23f26593b
X-Powered-By: WordPress VIP <https://wpvip.com>
Content-Encoding: gzip
Cache-Control: max-age=8
Expires: Wed, 01 Sep 2021 17:28:42 GMT
Date: Wed, 01 Sep 2021 17:28:34 GMT
Content-Length: 28012
Connection: keep-alive

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Cache-Control: max-age=0
Expires: Wed, 01 Sep 2021 17:28:33 GMT
Date: Wed, 01 Sep 2021 17:28:33 GMT
Connection: keep-alive
Vary: User-Agent
is-https: false

GET
H/1.1 200
OK /
www.gq.com.au/_static/ 228 KB
44 KB 176ms
171ms Stylesheet
text/css 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e891f08b9fc6dc0214069beaf7714b2508b2bf88c22e65db5c8da2ba277d5637

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Connection: keep-alive
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
X-rq: ewr4 0 4 9980
Content-Encoding: gzip
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Server: nginx
Date: Wed, 01 Sep 2021 17:28:34 GMT
Vary: User-Agent Accept-Encoding
Content-Type: text/css;charset=utf-8
Cache-Control: max-age=0, no-cache
Transfer-Encoding: chunked
is-https: true
Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Connection: keep-alive Transfer-Encoding
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Expires: Wed, 01 Sep 2021 17:28:34 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/newscorpau-aud-gqau/ 180 KB
26 KB 25ms
8ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/newscorpau-aud-gqau/loader.js
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 949a03bee7d03a38d36b7f3bd7823b4d6714bfb4116484d2f095d625746fb4e3

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: VnDn4_YEME5dfxS7d7xlCcG5JcE0mEiL
content-encoding: gzip
etag: "41a04fa7fba604ff22c830c624c48067"
age: 75
x-cache: HIT
content-length: 26614
x-amz-id-2: 8RQwy3u3I/uaDdTNqnQadWEplXYS2nSr0J4N7K1aYDdNXgQCuQJHGGUt6dRLq4618AtujJAolb0=
x-served-by: cache-fra19170-FRA
last-modified: Wed, 01 Sep 2021 08:47:12 GMT
server: AmazonS3
x-timer: S1630517315.511799,VS0,VE1
date: Wed, 01 Sep 2021 17:28:34 GMT
vary: Accept-Encoding
x-amz-request-id: EFP12GE82A1B10F5
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 41
x-cache-hits: 1

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
www.gq.com.au/wp-includes/js/ 18 KB
19 KB 308ms
151ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gq.com.au/wp-includes/js/wp-emoji-release.min.js?ver=5.8

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Connection: keep-alive
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-rq: ewr4 0 4 9980
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Server: nginx
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
ETag: W/"60f7169f-4705"
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=1
Date: Wed, 01 Sep 2021 17:28:34 GMT
is-https: true
Connection: keep-alive
Content-Length: 18181
Expires: Wed, 01 Sep 2021 17:28:35 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 182 KB
61 KB 439ms
21ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e085a26eb51afeafde34e90158819cf99128beef358b4d83f897356b2edf71e7

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:34 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 09:32:41 GMT
etag: W/"2d8a6-0xN2SgUBpzOHZpBnWdp2KUOkxsY"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 8ff506798d33a4bf032a010455ec05eb
timing-allow-origin: *, *
content-length: 61981
expires: Wed, 01 Sep 2021 21:28:34 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/newsltd/gq/prod/ 85 KB
21 KB 43ms
22ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/newsltd/gq/prod/utag.js
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8b510b00b04bec88beb654a232c4086fa128f2bbcf2ecfb3ffc842e067398570

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:34 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 05:19:43 GMT
server: AkamaiNetStorage
etag: "aefac6fba535fba578ac35c3f01645cf:1630387183.756332"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
content-length: 21318
expires: Wed, 01 Sep 2021 17:33:34 GMT

GET
H/1.1 200
OK / Show response
www.gq.com.au/_static/ 1 KB
3 KB 155ms
147ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gq.com.au/_static/??-eJyNzMEKgzAQBNAfMi5V0fYgfoqENN1uqJvgrgT/vlHw7mUOw8yDnIyLrJ4V0m9DYgH2WVxck93MVWkmNFRmuFqlyGBFvAoEAe++8Yx6Ia6DVHCPRMLdXs6bRA/sLOfy/hRpWsZH3/RdO7yGZ/gD6Zg/oA==

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

38a19e94d058277f6fadcfda51d2ba5612c9ca4367c247e1c21bcdba33947e2d

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Connection: keep-alive
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-rq: ewr4 0 4 9980
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Server: nginx
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Date: Wed, 01 Sep 2021 17:28:34 GMT
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=1
is-https: true
Connection: keep-alive
Content-Length: 1486
Expires: Wed, 01 Sep 2021 17:28:35 GMT

GET
H/1.1 200
OK gigya.js Show response
cdns.gigya.com/JS/ 347 KB
114 KB 441ms
24ms Script
text/javascript 2.18.234.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_oj8nT6pLj0RTuSjcynrMADEj9iLj5-Aa25sGTeUNKXRbGU349nJtvYR7PoPq-Z9O
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ee7d7b8f826dac2825f3dc5bed85beca8206075c83e5f4c43302601917debb5c

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:34 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: f4cc9b4f8cd646fc807f504f5cad0ef0
Cache-Control: public, max-age=900, s-maxage=3600
x-server: us1d-nomad-g4
Connection: keep-alive
x-robots-tag: none
Content-Length: 116437
Expires: Wed, 01 Sep 2021 17:43:34 GMT

GET
H/1.1 200
OK / Show response
www.gq.com.au/_static/ 839 KB
840 KB 319ms
168ms Script
application/javascript 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gq.com.au/_static/??/wp-content/themes/newscorpau-nlm-gq/assets/dist/js/bundle.js,/wp-includes/js/wp-embed.min.js?m=1626805898j

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a68098bde738b22639922e889230e777444f98da16b2777251af5b0dc5385a1b

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Connection: keep-alive
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-rq: ewr4 0 4 9980
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Server: nginx
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Date: Wed, 01 Sep 2021 17:28:34 GMT
Vary: User-Agent
Content-Type: application/javascript
Cache-Control: max-age=6
is-https: true
Connection: keep-alive
Content-Length: 858849
Expires: Wed, 01 Sep 2021 17:28:40 GMT

GET
H2 200 e-202135.js Show response
stats.wp.com/ 9 KB
3 KB 28ms
7ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202135.js
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn
date: Wed, 01 Sep 2021 17:28:34 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 21 Aug 2022 23:08:08 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 417ms
20ms Script
application/javascript 13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-gqau/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:22:53 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 101135
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: YVMJxhQf3rW0drmMR5ltFY3vpJU6yEPQioe5mAV1z84W7juY0JYxlQ==

GET
H2 200 utrack.js Show response
tags.news.com.au/prod/utrack/ 2 KB
1 KB 92ms
25ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/utrack/utrack.js?cb=16305173149340.809578365070381
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gq/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:35 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab4f3fe7c5c43b61d4377ef72d3952fa:1558613430"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=0, no-cache, no-store
content-type: application/x-javascript
content-length: 831
expires: Wed, 01 Sep 2021 17:28:35 GMT

GET
H2 200 mitas.js Show response
tags.news.com.au/prod/mitas/ 666 B
905 B 89ms
24ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/mitas/mitas.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gq/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
cache-control: max-age=72937
server: AkamaiNetStorage
content-type: application/x-javascript
etag: "83a2bbd4d3829f1d4278f4ff0988804c:1490850995"
content-length: 666
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 63 B
361 B 548ms
483ms XHR
text/plain 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gq/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:35 GMT
server: AkamaiGHost
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-length: 63
mime-version: 1.0
expires: Wed, 01 Sep 2021 17:28:35 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1630517314960&ns_c=UTF-8&cv=3.5&c8=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%2...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1630517314960&ns_c=UTF-8&cv=3.5&c8=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%...

64 B
331 B

21ms
21ms

Image
image/gif

13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1630517314960&ns_c=UTF-8&cv=3.5&c8=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%20GQ&c7=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&c9=
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: YK6DF23aR0eQwtTVkJ6YE4YeHTPhZlW_9_3Nxfy9DnDREguVyl7CfQ==

Redirect headers

date: Wed, 01 Sep 2021 17:28:34 GMT
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1630517314960&ns_c=UTF-8&cv=3.5&c8=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%20GQ&c7=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&c9=
content-length: 396
x-amz-cf-id: l3uQ0h9NUMk1M-HK-HP3l2lOMgQYmd-kR9WxSAWPoSFNix07Hxxwmg==

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&ns__t=1630517314961&ns_c=UTF-8&cv=3.5&c8=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%2...
https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1630517314961&ns_c=UTF-8&cv=3.5&c8=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%...

64 B
331 B

21ms
21ms

Image
image/gif

13.32.121.17
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1630517314961&ns_c=UTF-8&cv=3.5&c8=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%20GQ&c7=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&c9=
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-17.fra60.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: STeu344X-qrbvPgtZCC8bqkCNBQZ_W8JrzKTddCjpnkiDwE1k_briw==

Redirect headers

date: Wed, 01 Sep 2021 17:28:34 GMT
via: 1.1 fd38301adb0ceb6cf6c42567f371a2f5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=34354936&c3=1&ns__t=1630517314961&ns_c=UTF-8&cv=3.5&c8=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%20GQ&c7=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&c9=
content-length: 396
x-amz-cf-id: EypKBNLyAlGnX9WtIrHvKPuaXGnUgFKOFaAOLDqk2_iHYUsXaZ4Q1A==

GET
H/1.1 200
OK d3d3LmdxLmNvbS5hdQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 77ms
25ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmdxLmNvbS5hdQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:35 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=26614
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 3cf2af9a7e38efa43e2f975d980a0e7c
Content-Length: 16
Expires: Thu, 02 Sep 2021 00:52:09 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
450 B 21ms
18ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=6.55239300422504
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Fri, 01 Oct 2021 17:28:35 GMT

GET
H/1.1 200
OK sdk.config.get Show response
cdns.au1.gigya.com/ 2 KB
1 KB 93ms
33ms Fetch
text/javascript 2.18.234.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.au1.gigya.com/sdk.config.get?apiKey=3_oj8nT6pLj0RTuSjcynrMADEj9iLj5-Aa25sGTeUNKXRbGU349nJtvYR7PoPq-Z9O
Requested by: Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_oj8nT6pLj0RTuSjcynrMADEj9iLj5-Aa25sGTeUNKXRbGU349nJtvYR7PoPq-Z9O
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e74b0814da007dbdb576846ebe32c0c7abff1d41cbd11372a4b68d5a84b51402

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:35 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: ee51aa7672074e2dbf82dd6aa86f9ff1
Cache-Control: public, max-age=86400
x-server: us1d-nomad-g9
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 785

GET
H/1.1 403
Forbidden embed.js%22
www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/%3Cscript%20async%20src=%22//www.instagram.com/ 0
0 25ms
24ms Script
text/html 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/%3Cscript%20async%20src=%22//www.instagram.com/embed.js%22

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/_static/??/wp-content/themes/newscorpau-nlm-gq/assets/dist/js/bundle.js,/wp-includes/js/wp-embed.min.js?m=1626805898j

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

AkamaiGHost /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Cookie: gig_canary=false; gig_canary_ver=12426-3-27175230
Connection: keep-alive
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:35 GMT
Server: AkamaiGHost
Mime-Version: 1.0
Vary: User-Agent
Content-Type: text/html
Expires: Wed, 01 Sep 2021 17:28:35 GMT
Cache-Control: max-age=0
is-https: true
Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Connection: close
Content-Length: 527
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

GET
H2

200

58b07fec4121.js Show response
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain

https://www.instagram.com/embed.js
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js

15 KB
5 KB

8ms
7ms

Script
text/javascript

2a03:2880:f21c:80e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f21c:80e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: 55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 18:46:01 GMT
x-fb-trip-id: 1679558926
etag: "58b07fec4121"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
edge-control: max-age=1209600, no-transform
cache-control: public,max-age=31536000,immutable
content-encoding: br
content-length: 4824

Redirect headers

date: Wed, 01 Sep 2021 17:28:35 GMT
x-fb-trip-id: 1679558926
x-ig-origin-region: cln
content-type: text/html; charset=utf-8
location: https://www.instagram.com/static/bundles/es6/EmbedSDK.js/58b07fec4121.js
cache-control: max-age=21600
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 NOyrvdSVTCA Show response
www.youtube.com/embed/ Frame 3B17 55 KB
23 KB 56ms
55ms Document
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/NOyrvdSVTCA

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/_static/??/wp-content/themes/newscorpau-nlm-gq/assets/dist/js/bundle.js,/wp-includes/js/wp-embed.min.js?m=1626805898j

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c71925a466382b81b248c749e6f3298da9b911a97ee2a84dfe22239f8147ced1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/NOyrvdSVTCA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gq.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.gq.com.au/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 01 Sep 2021 17:28:35 GMT
strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=SGZtb2V8Ksg; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none VISITOR_INFO1_LIVE=ZpE6W2bcvKU; Domain=.youtube.com; Expires=Mon, 28-Feb-2022 17:28:35 GMT; Path=/; Secure; HttpOnly; SameSite=none CONSENT=PENDING+969; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 GQA0920_COVER.jpg
origin.go.gq.com.au/wp-content/uploads/2020/09/ 25 KB
25 KB 57ms
5ms Image
image/webp 2a04:fa87:fffd::c000:42b8
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.go.gq.com.au/wp-content/uploads/2020/09/GQA0920_COVER.jpg?w=239
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:42b8 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c7770d54f662d542948f1b2a7351cb4643006e0f1cb60bb99dfb88fcba8b532c

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
x-rq: hhn2 109 198 443
last-modified: Thu, 05 Nov 2020 08:18:39 GMT
server: nginx
etag: "f372092c1b4b47cb"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 25188
expires: Fri, 05 Nov 2021 08:18:39 GMT

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 294756ab620d8be581a903a8ccb3f9de4c3406b9d6f3bb724be96bc971ec18b9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c077ffe580116935cc2e91a2b87e79806c0caae2aebc0c22af9a2f59c4d7ea2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK logo.25aeff0e.svg
www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/media/ 2 KB
3 KB 76ms
74ms Image
image/svg+xml 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/media/logo.25aeff0e.svg

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4aa6ae8759df27ee4f6df50f5e535cfd75ac7477a286a22647de5951f1955ee0

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Cookie: gig_canary=false; gig_canary_ver=12426-3-27175230
Connection: keep-alive
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:35 GMT
Content-Encoding: gzip
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
is-https: true
Connection: keep-alive
Content-Length: 1086
X-rq: ewr4 0 4 9980
Last-Modified: Fri, 16 Jul 2021 12:24:40 GMT
Server: nginx
ETag: W/"60f17a88-837"
Vary: User-Agent
Content-Type: image/svg+xml
Cache-Control: max-age=1579409
Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Accept-Ranges: bytes
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Expires: Mon, 20 Sep 2021 00:12:04 GMT

GET
H/1.1 200
OK breadcrumb-arrow.4632a888.svg
www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/media/ 395 B
2 KB 119ms
118ms Image
image/svg+xml 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/media/breadcrumb-arrow.4632a888.svg

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

d279869d3d02129f07b024581bf1ace829d253288b9d8857b2b2a6e7777721a3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Cookie: gig_canary=false; gig_canary_ver=12426-3-27175230
Connection: keep-alive
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:35 GMT
Content-Encoding: gzip
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
is-https: true
Connection: keep-alive
Content-Length: 297
X-rq: ewr4 0 4 9980
Last-Modified: Tue, 10 Aug 2021 02:56:12 GMT
Server: nginx
ETag: "6111eacc-18b"
Vary: User-Agent
Content-Type: image/svg+xml
Cache-Control: max-age=1851873
Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Accept-Ranges: bytes
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Expires: Thu, 23 Sep 2021 03:53:08 GMT

GET
H2 200 815e720df21961499cf1ca6fedfe88dc
content.api.news/v3/images/bin/ 161 KB
162 KB 177ms
118ms Image
image/webp 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/815e720df21961499cf1ca6fedfe88dc
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 42a8837dbd43d015d769f0bf7fe2266207df9f244123b1ae7c9705f61ddea211

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag: 815e720df21961499cf1ca6fedfe88dc
date: Wed, 01 Sep 2021 17:28:35 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: c756839533dad85388fcc250c40f85e7-815e720df21961499cf1ca6fedfe88dc-0
x-serial: 1617
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=2086547
last-modified: Tue, 27 Jul 2021 21:03:24 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 165298
expires: Sat, 25 Sep 2021 21:04:22 GMT

GET
H2 200 940e5afe4de7aaff6fd8e8ada072bf0a
content.api.news/v3/images/bin/ 48 KB
49 KB 157ms
98ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/940e5afe4de7aaff6fd8e8ada072bf0a?width=650
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 7236f2be2a7172e942a8401bcc8c6c6969d816e6a7ce4fcaa65347222f95f855

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag: 940e5afe4de7aaff6fd8e8ada072bf0a
date: Wed, 01 Sep 2021 17:28:35 GMT
last-modified: Mon, 30 Aug 2021 04:47:28 GMT
server: Akamai Image Manager
etag: 60f241d3c0892526ea69b30238b5c4fe-940e5afe4de7aaff6fd8e8ada072bf0a-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=4965637
access-control-allow-headers: x-newsapi-api-key
content-length: 49578
expires: Fri, 29 Oct 2021 04:49:12 GMT

GET
H2 200 82f7497cd8009de7cf810628c252a92e
content.api.news/v3/images/bin/ 24 KB
25 KB 145ms
86ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/82f7497cd8009de7cf810628c252a92e?width=650
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 6addda3cba0f775f7106f7d97104b96e1924f67eba02b15a0ab30246e745715a

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag: 82f7497cd8009de7cf810628c252a92e
date: Wed, 01 Sep 2021 17:28:35 GMT
last-modified: Wed, 18 Aug 2021 00:58:59 GMT
server: Akamai Image Manager
etag: bdb4ca6c2bd2c75044dbc11947b28c0b-82f7497cd8009de7cf810628c252a92e-650
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=3915158
access-control-allow-headers: x-newsapi-api-key
content-length: 24814
expires: Sun, 17 Oct 2021 01:01:13 GMT

GET
H2 200 9474e420fe73d98d6d8e3a497acdfe02
content.api.news/v3/images/bin/ 44 KB
44 KB 161ms
103ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/9474e420fe73d98d6d8e3a497acdfe02?width=650
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: 8a590917d80f9162dc18089a14a9a21a0a1264854908ce6f5314591319f89d75

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag: 9474e420fe73d98d6d8e3a497acdfe02
date: Wed, 01 Sep 2021 17:28:35 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: a8ceaeffd1c001ec8431bfbd7e797767-9474e420fe73d98d6d8e3a497acdfe02-650
x-serial: 208
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=3922967
last-modified: Wed, 18 Aug 2021 03:13:35 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 44831
expires: Sun, 17 Oct 2021 03:11:22 GMT

GET
H2 200 0de923a9f5c27b24b261aa94a366c24e
content.api.news/v3/images/bin/ 41 KB
41 KB 160ms
102ms Image
image/jpeg 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://content.api.news/v3/images/bin/0de923a9f5c27b24b261aa94a366c24e?width=650
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-28.deploy.static.akamaitechnologies.com
Software: Akamai Image Manager /
Resource Hash: b35a8fc1c00edbc9ae60c306c4cdfe48e0c0a73f3fc20f4455ab063418fff495

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

edge-cache-tag: 0de923a9f5c27b24b261aa94a366c24e
date: Wed, 01 Sep 2021 17:28:35 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: 6cfe4b00714bf44e68c15d98aef1ff3e-0de923a9f5c27b24b261aa94a366c24e-650
x-serial: 1225
access-control-allow-methods: GET
content-type: image/jpeg
access-control-allow-origin: *
x-hobit: 2B
cache-control: private, no-transform, max-age=3137787
last-modified: Mon, 09 Aug 2021 01:07:25 GMT
access-control-allow-headers: x-newsapi-api-key
content-length: 41929
expires: Fri, 08 Oct 2021 01:05:02 GMT

GET
H2 200 GQ-signup-DesktopBanner-1000x56-1.jpg
origin.go.gq.com.au/wp-content/uploads/2021/02/ 31 KB
31 KB 54ms
5ms Image
image/jpeg 2a04:fa87:fffd::c000:42b8
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://origin.go.gq.com.au/wp-content/uploads/2021/02/GQ-signup-DesktopBanner-1000x56-1.jpg
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffd::c000:42b8 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: fb09d90dbc4d3671b24854bdcd686eb875b45d65f987264c986c5a1d557ad328

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
x-rq: hhn2 109 144 443
last-modified: Fri, 19 Feb 2021 00:42:34 GMT
server: nginx
etag: "86ef7863b57a4255"
x-cache: HIT
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 32062
expires: Sat, 19 Feb 2022 01:01:36 GMT

GET
H/1.1 200
OK vip-powered-dark-small.png
www.gq.com.au/wp-content/mu-plugins/vip-helpers/images/ 5 KB
6 KB 205ms
204ms Image
image/png 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gq.com.au/wp-content/mu-plugins/vip-helpers/images/vip-powered-dark-small.png

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

318b47c0042bbc1bdee2d50b37d8d8b1c2a592978855b9de235dbd1a23ecbab8

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Cookie: gig_canary=false; gig_canary_ver=12426-3-27175230
Connection: keep-alive
Referer: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:35 GMT
Content-Encoding: gzip
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
is-https: true
Connection: keep-alive
Content-Length: 5065
X-rq: dca7 0 4 9980
Last-Modified: Thu, 03 Dec 2020 21:57:15 GMT
Server: nginx
ETag: W/"5fc95f3b-13b2"
Vary: User-Agent
Content-Type: image/png
Cache-Control: max-age=1
Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Accept-Ranges: bytes
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Expires: Wed, 01 Sep 2021 17:28:36 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 7ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.0&blog=171234752&post=135911&tz=10&srv=origin.go.gq.com.au&host=www.gq.com.au&ref=&fcp=0&rand=0.5841857205946819
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 2764.svg
s.w.org/images/core/emoji/13.1.0/svg/ 368 B
567 B 26ms
7ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.1.0/svg/2764.svg

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 01 Sep 2021 17:28:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 18:50:46 GMT
server: nginx
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 368
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1f525.svg
s.w.org/images/core/emoji/13.1.0/svg/ 822 B
559 B 23ms
7ms Image
image/svg+xml 192.0.77.48
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.w.org/images/core/emoji/13.1.0/svg/1f525.svg

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.48 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

s.w.org

Software

nginx /

Resource Hash

4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Wed, 01 Sep 2021 17:28:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 07 Jun 2021 18:54:48 GMT
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=315360000
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ipad.png
www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/media/ 3 KB
4 KB 82ms
82ms Image
image/png 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/media/ipad.png

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1b1768e07db6e9e71d168700bdd75d938cb45ddd4baea525d0624709dfe1b49f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==
Connection: keep-alive
Referer: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:35 GMT
Content-Encoding: gzip
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
is-https: true
Connection: keep-alive
Content-Length: 2840
X-rq: ewr4 0 4 9980
Last-Modified: Fri, 16 Jul 2021 12:24:40 GMT
Server: nginx
ETag: W/"60f17a88-b5d"
Vary: User-Agent
Content-Type: image/png
Cache-Control: max-age=48817
Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Accept-Ranges: bytes
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Expires: Thu, 02 Sep 2021 07:02:12 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/fonts// 65 KB
67 KB 205ms
204ms Font
application/font-woff2 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/fonts//fontawesome-webfont.woff2?v=4.5.0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.gq.com.au
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==
Cookie: gig_canary=false; gig_canary_ver=12426-3-27175230
Connection: keep-alive
Origin: https://www.gq.com.au
Referer: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:35 GMT
Content-Encoding: gzip
is-https: true
Connection: keep-alive
Content-Length: 66632
X-rq: ewr4 0 4 9980
Last-Modified: Tue, 10 Aug 2021 02:56:12 GMT
Server: nginx
ETag: W/"6111eacc-10440"
Vary: User-Agent
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/font-woff2
Access-Control-Allow-Origin: *
Expires: Wed, 01 Sep 2021 17:28:36 GMT
Cache-Control: max-age=1
Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Accept-Ranges: bytes
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

GET
H/1.1 200
OK BrandonGrotesque-Black.woff
www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/fonts// 43 KB
44 KB 37ms
36ms Font
application/font-woff 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/fonts//BrandonGrotesque-Black.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

9b98042dcae55ae619759dd01e263f79971df676fbf93e7c9f4587393d5644b5

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.gq.com.au
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==
Cookie: gig_canary=false; gig_canary_ver=12426-3-27175230
Connection: keep-alive
Origin: https://www.gq.com.au
Referer: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:35 GMT
Content-Encoding: gzip
is-https: true
Connection: keep-alive
Content-Length: 43312
X-rq: ewr4 0 4 9980
Last-Modified: Fri, 16 Jul 2021 12:24:40 GMT
Server: nginx
ETag: W/"60f17a88-ac20"
Vary: User-Agent
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Expires: Sun, 19 Sep 2021 17:19:03 GMT
Cache-Control: max-age=1554628
Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Accept-Ranges: bytes
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

GET
H/1.1 200
OK BrandonGrotesque-Medium.woff
www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/fonts// 44 KB
45 KB 69ms
31ms Font
application/font-woff 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/fonts//BrandonGrotesque-Medium.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

44119fd23818c33b6cdbb8d69c8ebb03c9a641810b5ce44cda7c49575123f258

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.gq.com.au
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==
Cookie: gig_canary=false; gig_canary_ver=12426-3-27175230
Connection: keep-alive
Origin: https://www.gq.com.au
Referer: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:35 GMT
Content-Encoding: gzip
is-https: true
Connection: keep-alive
Content-Length: 44059
X-rq: ewr4 0 4 9980
Last-Modified: Tue, 10 Aug 2021 02:56:12 GMT
Server: nginx
ETag: W/"6111eacc-af28"
Vary: User-Agent
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Expires: Sun, 19 Sep 2021 01:04:56 GMT
Cache-Control: max-age=1496181
Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Accept-Ranges: bytes
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

GET
H/1.1 200
OK CaslonGraComD.woff
www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/fonts// 28 KB
29 KB 96ms
46ms Font
application/font-woff 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/fonts//CaslonGraComD.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

c8dff6556ef21c63534bea2588dae5f528ea6cbac90836c0f85d1bc43297352f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.gq.com.au
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==
Cookie: gig_canary=false; gig_canary_ver=12426-3-27175230
Connection: keep-alive
Origin: https://www.gq.com.au
Referer: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:35 GMT
Content-Encoding: gzip
is-https: true
Connection: keep-alive
Content-Length: 28381
X-rq: ewr4 0 4 9980
Last-Modified: Tue, 10 Aug 2021 02:56:12 GMT
Server: nginx
ETag: W/"6111eacc-6f40"
Vary: User-Agent
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Expires: Sun, 19 Sep 2021 00:32:28 GMT
Cache-Control: max-age=1494233
Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Accept-Ranges: bytes
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

GET
H/1.1 200
OK BreulGroteskA-Black.woff
www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/fonts// 21 KB
22 KB 167ms
112ms Font
application/font-woff 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/fonts//BreulGroteskA-Black.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

88c7beaf6b852303169388018ca5ecfb79a44fafed5bedd633d34469a846a00f

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.gq.com.au
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==
Cookie: gig_canary=false; gig_canary_ver=12426-3-27175230
Connection: keep-alive
Origin: https://www.gq.com.au
Referer: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:35 GMT
Content-Encoding: gzip
is-https: true
Connection: keep-alive
Content-Length: 21145
X-rq: ewr4 0 4 9980
Last-Modified: Tue, 10 Aug 2021 02:56:12 GMT
Server: nginx
ETag: W/"6111eacc-52e4"
Vary: User-Agent
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Expires: Fri, 24 Sep 2021 12:05:33 GMT
Cache-Control: max-age=1967818
Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Accept-Ranges: bytes
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

GET
H/1.1 200
OK JansonTextLTStd-Roman.woff
www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/fonts// 30 KB
32 KB 152ms
87ms Font
application/font-woff 2.18.233.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gq.com.au/wp-content/themes/newscorpau-nlm-gq/assets/dist/fonts//JansonTextLTStd-Roman.woff

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.233.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-233-28.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

0e757799f0b1691d87ade77747b6761cc829fd69137b7673361c8d931928fdc3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://www.gq.com.au
Accept-Encoding: gzip, deflate, br
Host: www.gq.com.au
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==
Cookie: gig_canary=false; gig_canary_ver=12426-3-27175230
Connection: keep-alive
Origin: https://www.gq.com.au
Referer: https://www.gq.com.au/_static/??-eJx9jUsOwjAQQy9EOuJXYIE4S0hHbWDyIZ6o6u0prFoJsbSt90xjNj46qR2DHqDAnbcsHDjqKmSxExcj3Fs3NcHHxgEb+ofP2zKvIJeifi+qyVJ7H0FgW9xALBbqXS4MUOehNDNU5lq5MzlBYe6S3NNAJ2H81OowX4Iij3CpZFtNlGD6F1mAdeH9Oj74LVy37a69HE7n/fENx6xoQw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:35 GMT
Content-Encoding: gzip
is-https: true
Connection: keep-alive
Content-Length: 31057
X-rq: ewr4 0 4 9980
Last-Modified: Fri, 16 Jul 2021 12:24:40 GMT
Server: nginx
ETag: W/"60f17a88-7958"
Vary: User-Agent
Access-Control-Allow-Methods: GET, HEAD
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Expires: Wed, 15 Sep 2021 21:55:11 GMT
Cache-Control: max-age=1225596
Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
Accept-Ranges: bytes
X-Webkit-CSP: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy: block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 349ms
87ms XHR
application/json 70.42.32.159
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1630517315293&sessionId=1c7f3789-e98c-b696-6621-23f1ef029381&url=www.gq.com.au&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.159 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:35 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 2b12c3d023b6643806e662a31a887c70
Content-Length: 4
Expires: 0

GET
H/1.1 200
OK Api.aspx Show response
cdns.au1.gigya.com/gs/webSdk/ Frame 7755 95 KB
34 KB 64ms
24ms Document
text/html 2.18.234.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://cdns.au1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_oj8nT6pLj0RTuSjcynrMADEj9iLj5-Aa25sGTeUNKXRbGU349nJtvYR7PoPq-Z9O&version=latest&build=12426

Requested by

Host: cdns.gigya.com
URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_oj8nT6pLj0RTuSjcynrMADEj9iLj5-Aa25sGTeUNKXRbGU349nJtvYR7PoPq-Z9O

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2.18.234.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-234-36.deploy.static.akamaitechnologies.com

Software

Resource Hash

65c4731687298cd472f31c9cb9826b00f17ff00c89d6f1f7cea9a058b449200e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Host: cdns.au1.gigya.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gq.com.au/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.gq.com.au/

Response headers

Content-Type: text/html; charset=utf-8
Content-Length: 34602
Content-Encoding: gzip
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
x-soa: true, Gator
x-server: us1d-nomad-g18
x-callid: d518591b3cf24de892231668c0a9c69f
Accept-Ranges: bytes
x-robots-tag: none
Cache-Control: public, max-age=86400, s-maxage=3600
Date: Wed, 01 Sep 2021 17:28:35 GMT
Connection: keep-alive

GET
H2 200 www-player-webp.css
www.youtube.com/s/player/c29c59cf/ Frame 3B17 329 KB
45 KB 14ms
13ms Stylesheet
text/css 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c29c59cf/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NOyrvdSVTCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e68989f82549929bc73187be7a746aa6e76da689496596eea814bd740846a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/NOyrvdSVTCA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:36:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 00:16:12 GMT
server: sffe
age: 186741
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46223
x-xss-protection: 0
expires: Tue, 30 Aug 2022 13:36:14 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/ Frame 3B17 194 KB
64 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NOyrvdSVTCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df15cf4481e505bc8c584dd98860101d285ddf9c0f3ce05f5f650b54cd81335a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/NOyrvdSVTCA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 13:05:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15808
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/youtube
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65420
x-xss-protection: 0
last-modified: Mon, 30 Aug 2021 00:16:12 GMT
server: sffe
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 13:05:07 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/ Frame 3B17 2 MB
499 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NOyrvdSVTCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bf5690bfc2df1a7da94594930825059f27949af60ec76b44b404e68d70b6806

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/NOyrvdSVTCA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 00:16:12 GMT
server: sffe
age: 186720
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 510544
x-xss-protection: 0
expires: Tue, 30 Aug 2022 13:36:35 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/c29c59cf/fetch-polyfill.vflset/ Frame 3B17 8 KB
3 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c29c59cf/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NOyrvdSVTCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/NOyrvdSVTCA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 09:19:14 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 00:16:12 GMT
server: sffe
age: 29361
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
expires: Thu, 01 Sep 2022 09:19:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3B17 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NOyrvdSVTCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.youtube.com
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 11:21:30 GMT
x-content-type-options: nosniff
age: 454025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 11:21:30 GMT

GET
H3-29

429

/
www.instagram.com/accounts/login/ Frame A681
Redirect Chain

https://www.instagram.com/p/B4R2K8iDQvu/embed/captioned/?cr=1&v=12&wp=540&rd=https%3A%2F%2Fwww.gq.com.au&rp=%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heist...
https://www.instagram.com/accounts/login/

0
0

263ms
254ms

Document
text/html

2a03:2880:f21c:80e5:face:b00c:0:4420
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.instagram.com/accounts/login/

Requested by

Host: www.instagram.com
URL: https://www.instagram.com/embed.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f21c:80e5:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://.fbcdn.net https://.instagram.com https://.cdninstagram.com https://.facebook.com https://.fbsbx.com; font-src data: https://.fbcdn.net https://.instagram.com https://.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://.cdninstagram.com https://.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://.cdninstagram.com wss://www.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://.www.instagram.com https://graph.instagram.com https://.graph.instagram.com https://graphql.instagram.com https://.cdninstagram.com https://api.instagram.com https://i.instagram.com https://.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://.facebook.com https://.fbcdn.net https://.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.instagram.com
:scheme: https
:path: /accounts/login/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gq.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.gq.com.au/

Response headers

content-type: text/html; charset=utf-8
vary: Accept-Language, Cookie
content-language: en
date: Wed, 01 Sep 2021 17:28:35 GMT
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-frame-options: SAMEORIGIN
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
cross-origin-embedder-policy-report-only: require-corp;report-to="coep"
report-to: {"group": "coep", "max_age": 86400, "endpoints": [{"url": "/security/coep_report/"}]},{"group": "coop", "max_age": 86400, "endpoints": [{"url": "/security/coop_report/"}]}
origin-trial: AuqWincgAuXeuu3KypEMnrrFEJHySaesyJS3EaIH40zvafzrU0Irhb7+5QwZpOqMZrPTjgvFl7Z5jJgy1dNAcQMAAAB6eyJvcmlnaW4iOiJodHRwczovL2luc3RhZ3JhbS5jb206NDQzIiwiZmVhdHVyZSI6IkNyb3NzT3JpZ2luT3BlbmVyUG9saWN5UmVwb3J0aW5nIiwiZXhwaXJ5IjoxNjEzNDExNjYyLCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop"
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 46
access-control-expose-headers: X-IG-Set-WWW-Claim
content-length: 20800
x-ig-origin-region: cln
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
proxy-status: http_request_error; e_clientaddr="AcLaXaiN0y4Wcdo4M4foZbNbHWGH3QkrikfMjHIemLntrGHADNYrUSMkJITMWKeVNbGGmmECw3YPn9d_8B6Iius-3_PpOHKqXZB20HnkD8eK"; e_fb_binaryversion="AcJkeF6po8LVMw6GoFxeSg4Bb80viTgrXkzy4MlrYkFZfIeSzjx0Y-RBy_lDC46yI0y4y6E9TYjncgydWTg3ch3wGimM1Hzotgk"; e_upip="AcJGhAZ4xWsFVOrKF18R3sjuUWUS2qiK7U5nVh7_Ccu6A2IvNRxT47yz7kyqZZ62IZ8CX3kiR5bBxxaHlkMUM_5zlsx20QyB6g"; e_proxy="AcIgycXlL8yetm42dbQ7hnT6UuLDq7_sCmLAR3GHNRNUY-TyFP5n6w80e5U7up7PBpssDdCGOvhDPs-nWERZ"; e_fb_builduser="AcKq9_p7N2RNP_tZ0HYIDv0vn9qgJvPMhXAAzE66Dx8ShMSBJf6i-sBrNr-B24uAx2o"; e_fb_vipaddr="AcK1t-tgOJd0Mr58DUNj1b5QsIHLlkJ8YODI7_d2AkxYGW_c12yrZMMour61aBIuUD8_YeeLTna0y4QhbuJ1PB5ThR4WbnKmYjNJgEw", http_request_error; e_clientaddr="AcKv07VRIOuMe77MEj9998Dt8TJvkNuKzOsPufUYG3LMKimdGKesQEiwJPHpQpTTdURsrPOOt4kr9hOuNYlGIsZ4SS6w6g"; e_fb_binaryversion="AcL3ryEUzQQPnbh_qe-iCVqP1RZNziNnATlIEHR9PVwNdRi5Nfm2mkb3Kp0MumLIcxJ2y2lzWwt7omgB2y0aPxAW0RWZVwa2XtE"; e_upip="AcKvFORpPpFl72axWnc-u6LxcbD9OPGHUSWE3wxlcl9qxlAt5KT6orTd0a_q0o4ZV46UGL0cn3rbhiyZEnPIRGpB1HMFe3XL6hcP43E"; e_proxy="AcI7ZxJDbLk8QdZ7XehYSCUHw-kWGa1LcAoAPQ3MziEeqju9NTZ6aj_102jWbm_iia2YokyKu697PJE"; e_fb_builduser="AcKHFnkrQ9pnADdLe9PKhEUGVvxNtqJu5qBiQ3KMkesbAQ3NDNtAvzG-ABLA7nPqhd4"; e_fb_vipaddr="AcLSKdjpQUIUgdlaNn6H8Esf446YKtK56fEl9IcQV0cy_fbXTFsCzFYCqlVX8pLITvNZNOsJ5ReIIU_hnDlOO-dSrhp0UBxBkEtHZIJ7"
priority: u=3,i

Redirect headers

content-type: text/html; charset=utf-8
location: https://www.instagram.com/accounts/login/
vary: Accept-Language, Cookie
content-language: en
date: Wed, 01 Sep 2021 17:28:35 GMT
strict-transport-security: max-age=31536000
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy: report-uri https://www.instagram.com/security/csp_report/; default-src 'self' https://www.instagram.com; img-src data: blob: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com https://*.facebook.com https://*.fbsbx.com; font-src data: https://*.fbcdn.net https://*.instagram.com https://*.cdninstagram.com; media-src 'self' blob: https://www.instagram.com https://*.cdninstagram.com https://*.fbcdn.net; manifest-src 'self' https://www.instagram.com; script-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://*.cdninstagram.com wss://www.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https://*.www.instagram.com https://www.instagram.com 'unsafe-inline'; connect-src 'self' https://instagram.com https://www.instagram.com https://*.www.instagram.com https://graph.instagram.com https://*.graph.instagram.com https://graphql.instagram.com https://*.cdninstagram.com https://api.instagram.com https://i.instagram.com https://*.i.instagram.com wss://www.instagram.com wss://edge-chat.instagram.com https://*.facebook.com https://*.fbcdn.net https://*.facebook.net chrome-extension://boadgeojelhgndaghljhdicfkmllpafd blob:; worker-src 'self' blob: https://www.instagram.com; frame-src 'self' https://instagram.com https://www.instagram.com https://*.instagram.com https://staticxx.facebook.com https://www.facebook.com https://web.facebook.com https://connect.facebook.net https://m.facebook.com; object-src 'none'; upgrade-insecure-requests
x-content-type-options: nosniff
x-xss-protection: 0
x-ig-push-state: c2
x-aed: 46
access-control-expose-headers: X-IG-Set-WWW-Claim
content-length: 0
x-ig-origin-region: cln
x-fb-trip-id: 1679558926
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 3B17
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

36ms
34ms

XHR
application/json

2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NOyrvdSVTCA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ebcfb8b26e00d03e8ce6b14ccb7aa138ceed8ba204d3c38c85933575578c4dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 01 Sep 2021 17:28:35 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 3B17 29 B
113 B 7ms
6ms Script
text/javascript 2a00:1450:4001:827::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:27:58 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 37
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Wed, 01 Sep 2021 17:42:58 GMT

GET
H3-29 200 remote.js Show response
www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/ Frame 3B17 95 KB
29 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d011fec891e4e7af8c7901fd7c25f7831bfc0d931b6ac9754c1b214ab2ab39bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/NOyrvdSVTCA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:40:47 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 00:16:12 GMT
server: sffe
age: 186468
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29767
x-xss-protection: 0
expires: Tue, 30 Aug 2022 13:40:47 GMT

GET
H2 200 TfFoB2a7yVVGE2tGGw51LMET2bfVRgJEPfkhgeY_Qv4.js Show response
www.google.com/js/th/ Frame 3B17 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/TfFoB2a7yVVGE2tGGw51LMET2bfVRgJEPfkhgeY_Qv4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df1680766bbc95546136b461b0e752cc113d9b7d54602443df92181e63f42fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:12:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 11771
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13387
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 09:00:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 14:12:24 GMT

GET
H3-29 200 embed.js Show response
www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/ Frame 3B17 24 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

937feed71ffd28d1ec7d206fb85a997faa808ea562dbdace67adb4f2e6f2cd12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/embed/NOyrvdSVTCA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Mon, 30 Aug 2021 13:37:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 30 Aug 2021 00:16:12 GMT
server: sffe
age: 186662
vary: Accept-Encoding, Origin
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7277
x-xss-protection: 0
expires: Tue, 30 Aug 2022 13:37:33 GMT

GET
DATA 200
OK truncated
/ Frame 3B17 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLT3KaF9muj3zO-kdb1jDM8fpZF6Vkgzl0WR1w=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 3B17 1 KB
1 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLT3KaF9muj3zO-kdb1jDM8fpZF6Vkgzl0WR1w=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NOyrvdSVTCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7e94948cecae771c4877a3192e9549991e73794da83fc7a74211149ac1f330d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 14:28:52 GMT
x-content-type-options: nosniff
server: fife
age: 10783
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1183
x-xss-protection: 0
expires: Thu, 02 Sep 2021 14:28:52 GMT

GET
H2 200 sddefault.webp
i.ytimg.com/vi_webp/NOyrvdSVTCA/ Frame 3B17 7 KB
7 KB 6ms
6ms Image
image/webp 2a00:1450:4001:82a::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/NOyrvdSVTCA/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/NOyrvdSVTCA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

720dbb7a8a9367b0740499170a849dbc9008f073652f850a76b9fa7597eea6bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:20:45 GMT
x-content-type-options: nosniff
server: sffe
age: 470
etag: "0"
vary: Origin
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7030
x-xss-protection: 0
expires: Wed, 01 Sep 2021 19:20:45 GMT

GET
H2 200 nielsen.js Show response
tags.news.com.au/prod/nielsen/ 25 KB
10 KB 29ms
29ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gq/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 802ca9fdab7c9e8625dbed1d121e35c774375707ffd2c1ad91c005fdfe4c4538

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "8c7c1cb76a5850ad7830a8bb356626e8:1630300724.712654"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=25240
content-type: application/x-javascript
content-length: 9943

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 23ms
7ms Script
application/x-javascript 2600:9000:2240:800:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gq/prod/utag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:53:15 GMT
content-encoding: gzip
last-modified: Fri, 09 Jul 2021 00:14:48 GMT
server: nginx
age: 2120
etag: W/"60e794f8-11377"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: LmfntAnDJrD-_MRn9g41tm5xevMIunuO_Wcg6I34X-jkAikpqfiFEA==
expires: Wed, 01 Sep 2021 18:53:15 GMT

GET
H2 200 metrics.js Show response
tags.news.com.au/prod/metrics/ 178 KB
62 KB 53ms
53ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/metrics/metrics.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gq/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 1fea155b68a3e8af068ebe3dbe3193a0ecff504373860cb9593c9deb0a45494d

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "76a23b2a3209863ef0ce238663ec6ab1:1629693622.14708"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=40472
content-type: application/x-javascript

GET
H2 200 tad.js Show response
tags.news.com.au/prod/tad/ 84 KB
27 KB 44ms
43ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/tad/tad.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gq/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 21e8e115180fe39141918de87d132bd4e974c8f49513485a054633e658258a05

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "ab99eb603c01285ed2e67c90872459d2:1628566297.76946"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=79893
content-type: application/x-javascript
content-length: 27380

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 73 KB
25 KB 19ms
18ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gq/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

de93b456f0009a0250728db5300aeb160f02f74acf940a0579e4eb6f8e6f4ff2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "974 / 860 of 1000 / last-modified: 1630494475"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25639
x-xss-protection: 0
expires: Wed, 01 Sep 2021 17:28:35 GMT

GET
H2 200 prebid.js Show response
tags.news.com.au/prod/prebid/ 307 KB
97 KB 61ms
61ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/prebid/prebid.js
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gq/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 84b2051c012ad6cb45b30bee85f013ee273962cf42ceba1a4406947bf61655e5

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
content-encoding: gzip
server: AkamaiNetStorage
etag: "2f0745bb3db408d1809040478c7a3e21:1626140457.016476"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=39758
content-type: application/x-javascript

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-992084939

Requested by

Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gq/prod/utag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5bad1b1121b3136928e666df1e759758bb3a6aa2ca4e09cd11462b6be758838f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39304
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 15:38:29 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 01 Sep 2021 17:28:35 GMT

GET
H/1.1 200
OK ncg.js Show response
au.tags.newscgp.com/prod/ncg/ 155 KB
48 KB 82ms
20ms Script
text/javascript 18.66.112.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gq/prod/utag.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8f7cfeaeceac7a3987e0bb743deb5698f4c3f8ca7d3f9694765d12748d616be

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 16:56:35 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Thu, 15 Jul 2021 04:26:19 GMT
Server: AmazonS3
Age: 1920
ETag: W/"fbf90326cc306ad31726483a025fc411"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 da9380f22ff2303fc2fd4652bf7ec7ba.cloudfront.net (CloudFront)
Cache-Control: max-age=3600
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA56-P5
X-Amz-Cf-Id: k2bYV2NVEnFqII2gVJvou-q_ND2ljYiBC_TO7mXft6AXrjIedDAY3w==

GET
H2

200

v60.js Show response
cdn-gl.imrworldwide.com/
Redirect Chain

https://secure-gl.imrworldwide.com/v60.js
https://cdn-gl.imrworldwide.com/v60.js

21 KB
7 KB

6ms
6ms

Script
application/javascript

2600:9000:2240:4800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/v60.js
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: .KrDWJ6YcsmnfI6j8sx8eWw9CjCealBE
content-encoding: gzip
etag: W/"cc7339d315e5ab16597dd66d153a0e7e"
last-modified: Mon, 12 Oct 2020 13:35:53 GMT
server: AmazonS3
age: 75566
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Tue, 31 Aug 2021 21:43:47 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: x7nrAra-hfN9KNk5XH3_HTjLdfWd4MAcZS-Rt7q9n8CqytzZGcJLVw==

Redirect headers

date: Wed, 01 Sep 2021 17:28:35 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
server: awselb/2.0
x-amz-cf-pop: FRA56-P2
x-cache: Miss from cloudfront
content-type: text/html
location: https://cdn-gl.imrworldwide.com:443/v60.js
content-length: 134
x-amz-cf-id: WbiBxZMeDF5svBPKHQLKqXYqFIMH3I4xJ0F2RCuDMeCdHwOqnvs6lw==

GET
H2 200 utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
202 B 8ms
8ms Script
application/x-javascript 184.30.24.194
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=newsltd/gq/202108310519&cb=1630517315618
Requested by: Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/newsltd/gq/prod/utag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.30.24.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-24-194.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
last-modified: Thu, 14 Apr 2016 16:57:51 GMT
server: AkamaiNetStorage
etag: "7bc0ee636b3b83484fc3b9348863bd22:1460653071"
content-type: application/x-javascript
cache-control: max-age=600
accept-ranges: bytes
content-length: 2
expires: Wed, 01 Sep 2021 17:38:35 GMT

GET
H/1.1 200
OK sdk.config.get Show response
cdns.au1.gigya.com/ Frame 7755 2 KB
1 KB 23ms
22ms Fetch
text/javascript 2.18.234.36
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.au1.gigya.com/sdk.config.get?apiKey=3_oj8nT6pLj0RTuSjcynrMADEj9iLj5-Aa25sGTeUNKXRbGU349nJtvYR7PoPq-Z9O&pageURL=https%3A%2F%2Fwww.gq.com.au%2F
Requested by: Host: cdns.au1.gigya.com
URL: https://cdns.au1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_oj8nT6pLj0RTuSjcynrMADEj9iLj5-Aa25sGTeUNKXRbGU349nJtvYR7PoPq-Z9O&version=latest&build=12426
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.36 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-36.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5d645f9c0988efcfc7eeba0c89ae3876a1484a88b1f86183cde76883844aa4c8

Request headers

Referer: https://cdns.au1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_oj8nT6pLj0RTuSjcynrMADEj9iLj5-Aa25sGTeUNKXRbGU349nJtvYR7PoPq-Z9O&version=latest&build=12426
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:35 GMT
Content-Encoding: gzip
Content-Type: text/javascript; charset=utf-8
x-soa: true, Gator
Vary: Accept-Encoding
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
Access-Control-Allow-Origin: *
x-callid: a0d4e9719439416f9ce657b2826389b7
Cache-Control: public, max-age=86400
x-server: us1d-nomad-g15
Connection: keep-alive
Accept-Ranges: bytes
x-robots-tag: none
Content-Length: 789

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 3B17 4 KB
2 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
x-content-type-options: nosniff
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Wed, 01 Sep 2021 17:28:35 GMT

GET
H3-29 204 generate_204
www.youtube.com/ Frame 3B17 0
9 B 6ms
5ms Image
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?NPLjaQ
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youtube.com/embed/NOyrvdSVTCA
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 load.js Show response
widget.perfectmarket.com/newscorpau-aud-gqau/ 3 KB
2 KB 1009ms
980ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-gqau/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-gqau/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c9fee604aa001e509a985a12bf93bc7cd45194df0e51893cd4ead393d1c04931

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: P.uZEmg7jaWQGdqMWiMtkQGE8MLbUzPJ
content-encoding: gzip
etag: "89c59ea14dda85ccea5e34479eb41dde"
age: 0
x-cache: HIT, HIT
content-length: 1108
x-amz-id-2: KZZQ6R9EQlyVSTgdDBSzd+6NhfJkj+jFTxWcDdiMj3oFHDWev+uXCFXAe5MXBMeE4vXHd6hhj5s=
x-served-by: cache-lax10642-LGB, cache-fra19120-FRA
last-modified: Fri, 03 Apr 2020 08:07:22 GMT
server: AmazonS3
x-timer: S1630517316.792248,VS0,VE973
date: Wed, 01 Sep 2021 17:28:36 GMT
vary: Accept-Encoding,,
x-amz-request-id: N80AAQ9B7M5TJQGY
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20210901-6-RELEASE.js Show response
cdn.taboola.com/libtrc/ 526 KB
117 KB 11ms
6ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20210901-6-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-gqau/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 7bdda1d91d319d896018c082d43fca3eb3d8f68d8af937642baf8fb130ca7b4d

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: vmJxL76MlGRiqzutIv3LmTf3IppR5rxR
content-encoding: br
etag: "4cfba621b42bcf8ee33b6ef1e32a2388"
age: 2763
x-cache: HIT
content-length: 119151
x-amz-id-2: fVXHFd/TyGrwY+bQaidNM/5EbfyhO/zSSRibajklNJa5EJ8vGbjfq+J5E1Oo8txEvamIigbcBIs=
x-served-by: cache-fra19170-FRA
last-modified: Wed, 01 Sep 2021 08:33:44 GMT
server: AmazonS3-br
x-timer: S1630517316.767483,VS0,VE0
date: Wed, 01 Sep 2021 17:28:35 GMT
vary: Accept-Encoding
x-amz-request-id: M0GSY1HT5H1T5KG3
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript
abp: 79
x-cache-hits: 10600

GET
H3-29 200 pubads_impl_2021082701.js Show response
securepubads.g.doubleclick.net/gpt/ 333 KB
117 KB 18ms
17ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 27 Aug 2021 15:07:02 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119397
x-xss-protection: 0
expires: Wed, 01 Sep 2021 17:28:35 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 59 B
91 B 17ms
17ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.gq.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

def2e3026c60a959c6076dc3731bd2651cb04848efe5233be1e180dddc6b286e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 17:28:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66
x-xss-protection: 0
expires: Wed, 01 Sep 2021 17:28:35 GMT

GET
H2 200 PCB0BEE8B-33E1-4197-9462-D07AD6280E09.js Show response
cdn-gl.imrworldwide.com/conf/ 33 KB
7 KB 23ms
7ms Script
application/javascript 2600:9000:2240:4800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/conf/PCB0BEE8B-33E1-4197-9462-D07AD6280E09.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/nielsen/nielsen.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91b207c73c62ff76a1bb8c673a3166edc114347e5ea0248ed942b121ea253675

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: IHaWb1tgnkC5hmmDzmDkFMOiwlofJNdI
content-encoding: gzip
etag: W/"758b244fce3dc9b4fe9b9150f9e4f1bf"
last-modified: Sun, 29 Aug 2021 01:17:52 GMT
server: AmazonS3
age: 3281
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
cache-control: max-age=86400,s-maxage=86400
date: Wed, 01 Sep 2021 16:33:55 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: U71fW9ixYBoIq4LtK5mlBAZQhsBmZomNNLDcRJlMxktj2iBieZu8WQ==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 383ms
103ms Image
image/gif 44.197.35.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=gq.com.au&p=%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&u=CglMToDvcrJ0BN_MCU&d=gq.com.au&g=38302&g0=entertainment.film%20tv.has%20nefflixs%20la%20casa%20de%20papel%20inspired%20real%20life%20money%20heists.news%20story&g1=joseph%20lam&n=1&f=00001&c=0&x=0&m=0&y=6079&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2034&t=BkklRLGNzbDCbnwfVDVxgD7DK0qOE&V=128&i=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%20GQ&tz=-120&sn=1&sv=BZhEJpBdmV0_B0m2-MUzT-X298i&sd=1&im=067b0ff2&_
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.35.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-35-129.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1 200
OK iasPET.1.js Show response
cdn.adsafeprotected.com/ 22 KB
7 KB 69ms
19ms Script
application/javascript 13.32.121.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adsafeprotected.com/iasPET.1.js
Requested by: Host: tags.news.com.au
URL: https://tags.news.com.au/prod/tad/tad.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-26.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Fri, 27 Aug 2021 15:42:36 GMT
Content-Encoding: gzip
Connection: keep-alive
Last-Modified: Wed, 02 Jun 2021 17:38:57 GMT
Server: AmazonS3
Age: 438360
ETag: W/"51636de3ce868a2172f9e6996c2934e0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 8c08c39035033b8c904aa0e3f734d6c7.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA60-P1
X-Amz-Cf-Id: qfVkIIj1LrwX0vBps8b3FogIB3trZgMyZX7rwHkGoBMWjf6qk5otag==

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1630517315838
https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1630517315838

5 KB
2 KB

36ms
35ms

XHR
application/json

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1630517315838

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ddb7696d6d6af196822175ea28f0d4a8e12397d4ab3d3ef99ef1f6bf8410dda7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v015-089427fde.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: NGpCfoCySp0=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.gq.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1541
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v015-0b629922b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://www.gq.com.au
X-TID: ZPKG5Ar6QJk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&ts=1630517315838
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 36 KB
14 KB 21ms
21ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-992084939

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

a53b289843b15d58a9574645ea05db23c5dd6663fc5e39f5c61528ae13de22f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14079
x-xss-protection: 0
server: cafe
etag: 18326714422570925345
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Sep 2021 17:28:35 GMT

GET
H2 200 newskey.js Show response
tags.news.com.au/prod/newskey/ 194 B
557 B 20ms
20ms Script
application/x-javascript 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/newskey/newskey.js
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 573306605c3186264c33d46e94e202171ad033bb06188610c1b33d24307e9221

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
server: AkamaiNetStorage
etag: "37183003000f63ee4c54b44a3f588989:1600838590.979146"
vary: Accept-Encoding
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
cache-control: max-age=80776
content-type: application/x-javascript
content-length: 194

GET
H2 200 gdpr_user_check.esi Show response
tags.news.com.au/prod/data-esi/top/ 63 B
361 B 492ms
492ms XHR
text/plain 2.18.233.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.news.com.au/prod/data-esi/top/gdpr_user_check.esi?
Requested by: Host: au.tags.newscgp.com
URL: https://au.tags.newscgp.com/prod/ncg/ncg.js?v=2.14.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-169.deploy.static.akamaitechnologies.com
Software: AkamaiGHost /
Resource Hash: c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
server: AkamaiGHost
p3p: CP="News Ltd does not have a P3P policy. You can view our Privacy Policy at http://www.newscorpaustraliaprivacy.com"
etag: "f1d1adc077c1f1f826a151ee3db530bc:1600839199.327003"
content-type: text/plain
access-control-allow-origin: *
cache-control: max-age=0, no-cache
content-length: 63
mime-version: 1.0
expires: Wed, 01 Sep 2021 17:28:36 GMT

GET
H2 200 nlsSDK600.bundle.min.js Show response
cdn-gl.imrworldwide.com/novms/js/2/ 192 KB
54 KB 7ms
6ms Script
application/javascript 2600:9000:2240:4800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/conf/PCB0BEE8B-33E1-4197-9462-D07AD6280E09.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: WYmiUb1.Cg6z3yQT9O20r1WlJJUllnwa
content-encoding: gzip
etag: W/"bd1ffd9a8dc416cfddcde665f3111e22"
last-modified: Tue, 17 Aug 2021 13:40:58 GMT
server: AmazonS3
age: 798
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
cache-control: max-age=86400
date: Wed, 01 Sep 2021 17:15:18 GMT
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: lLVhFqFbEy-a0z_5DRuAtpoLbFGuGkn4Y52rm64A7q48oXlygj7KVQ==

GET
H2 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3679d93f32c8a4019b71cd695be75acfcb43ef2ec7c728e45477a379909be8cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:27:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6044
x-xss-protection: 0
server: cafe
etag: 3925241684353305145
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Sep 2021 18:27:59 GMT

GET
H/1.1 200
OK accounts.webSdkBootstrap Show response
accounts.au1.gigya.com/ Frame 7755 177 B
1 KB 940ms
333ms XHR
text/javascript 52.62.232.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.au1.gigya.com/accounts.webSdkBootstrap?apiKey=3_oj8nT6pLj0RTuSjcynrMADEj9iLj5-Aa25sGTeUNKXRbGU349nJtvYR7PoPq-Z9O&pageURL=https%3A%2F%2Fwww.gq.com.au%2F&sdk=js_latest&sdkBuild=12426&format=json
Requested by: Host: cdns.au1.gigya.com
URL: https://cdns.au1.gigya.com/gs/webSdk/Api.aspx?apiKey=3_oj8nT6pLj0RTuSjcynrMADEj9iLj5-Aa25sGTeUNKXRbGU349nJtvYR7PoPq-Z9O&version=latest&build=12426
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 52.62.232.61 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-62-232-61.ap-southeast-2.compute.amazonaws.com
Software: /
Resource Hash: 691a0943f972efd33176d858eae062bbfc14514e541ebf35a7c4873040ce69da

Request headers

Referer: https://cdns.au1.gigya.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:35 GMT
content-encoding: gzip
x-soa: true, Gator
x-robots-tag: none
vary: Origin, Accept-Encoding
access-control-allow-methods: GET,PUT,DELETE,HEAD,OPTIONS,POST,PATCH
p3p: CP="IDC COR PSA DEV ADM OUR IND ONL"
access-control-allow-origin: https://cdns.au1.gigya.com
x-callid: 64c2c23e22b84e409a83c948bfaa1562
access-control-max-age: 86400
cache-control: private
x-server: au1b-nomad-g2
access-control-allow-credentials: true
content-type: text/javascript; charset=utf-8
content-length: 154

GET
H3-29 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/992084939/ 3 KB
1 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/992084939/?random=1630517316004&cv=9&fst=1630517316004&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8u0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&tiba=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%20GQ&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

632f0985c1fa5aed6fbd406923c2d25987f382219b72412e1d7e4d6bdbd1bd7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1160
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pub Show response
pixel.adsafeprotected.com/services/ 880 B
1 KB 113ms
42ms XHR
application/json 52.50.243.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/services/pub?anId=10507&slot=%7Bid:ad-block-728x90-1,ss:%5B728.90,728.1%5D,p:/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe,t:display%7D&slot=%7Bid:ad-block-728x90-2,ss:%5B728.90%5D,p:/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe,t:display%7D&slot=%7Bid:ad-block-970x250-1,ss:%5B970.250,970.50,1000.50,1000.100%5D,p:/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe,t:display%7D&slot=%7Bid:ad-block-300x250-1,ss:%5B300.250,300.600%5D,p:/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe,t:display%7D&slot=%7Bid:ad-block-300x250-2,ss:%5B300.250%5D,p:/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe,t:display%7D&slot=%7Bid:ad-block-4x4-1,ss:%5B4.4%5D,p:/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe,t:display%7D&slot=%7Bid:ad-out-of-page,ss:%5B1.1%5D,p:/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe,t:display%7D&wr=1600.1200&sr=1600.1200&sessionId=d12d01b5-bd97-5cc3-c56b-0d55838c90d7&url=https%253A%252F%252Fwww.gq.com.au%252Fentertainment%252Ffilm-tv%252Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%252Fnews-story%252F37feda706e2193b852cba885010c71fe
Requested by: Host: cdn.adsafeprotected.com
URL: https://cdn.adsafeprotected.com/iasPET.1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.243.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 0004674b19a0f40b4a87e340894da0d8433c52bc6c122490a72d4857a037d682

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
x-server-name: app03.ie.303net.net
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.gq.com.au
access-control-expose-headers: X-Server-Name
access-control-allow-credentials: true
timing-allow-origin: *
server: nginx

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ 44 B
523 B 151ms
150ms Image
image/gif 2600:9000:223c:5c00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?rnd=1630517316009&ci=newscorp&js=1&cg=0&ts=v60.js&vn=6.0.104&cc=1&cd=24&ck=y&je=n&lg=en-US&si=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&sr=1600x1200&tz=2
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5c00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
via: 1.1 b9d2ce196c8a711fb15d92175d58476e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 44
x-amz-cf-id: n7JfoAzCHJe9YG1r455IT4baAvY3Rr90cdOPq6eqk9S3Qa9fLQzWNA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK dest5.html Show response
newscorpau.demdex.net/ Frame 3C97 7 KB
3 KB 136ms
33ms Document
text/html 18.203.33.226
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://newscorpau.demdex.net/dest5.html?d_nsid=0

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.203.33.226 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-33-226.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: newscorpau.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.gq.com.au/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=76468966948559437041532359418872185474
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.gq.com.au/

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Wed, 1 Sep 2021 17:28:36 GMT
DCS: dcs-prod-irl1-2-v015-04e0c1d68.edge-irl1.demdex.com UNKNOWN
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Thu, 26 Aug 2021 10:43:10 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: uIgaej72Rdk=
Content-Length: 2791
Connection: keep-alive

GET
H2 200 id Show response
metrics.gq.com.au/ 48 B
507 B 87ms
21ms XHR
application/x-javascript 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://metrics.gq.com.au/id?d_visid_ver=5.1.1&d_fieldgroup=A&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&mid=76447737938200552981534748364879074200&ts=1630517316044

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

7eb080eb46db07dac4eb7634268a208a357f1606ea2bfbdd174a55c81f8423d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-f47784dbf-8mfq2
vary: Origin
x-c: main-1506.I6462f6.M0-512
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.gq.com.au
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=YS_4RAAAAJWObwQz
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=76468966948559437041532359418872185474
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YS_4RAAAAJWObwQz

42 B
945 B

35ms
34ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=YS_4RAAAAJWObwQz

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v015-06e2d9998.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: WZu9GXDyTb0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=YS_4RAAAAJWObwQz
Date: Wed, 01 Sep 2021 17:28:36 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/992084939/ 42 B
84 B 18ms
17ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/992084939/?random=1630517316004&cv=9&fst=1630515600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&tiba=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%20GQ&async=1&fmt=3&is_vtc=1&random=2080830945&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/992084939/ 42 B
108 B 22ms
21ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/992084939/?random=1630517316004&cv=9&fst=1630515600000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa8u0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&tiba=Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%20-%20GQ&async=1&fmt=3&is_vtc=1&random=2080830945&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ls.html Show response
cdn-gl.imrworldwide.com/novms/html/ Frame F033 12 KB
4 KB 6ms
6ms Document
text/html 2600:9000:2240:4800:2:42d9:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-gl.imrworldwide.com/novms/html/ls.html
Requested by: Host: cdn-gl.imrworldwide.com
URL: https://cdn-gl.imrworldwide.com/novms/js/2/nlsSDK600.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4800:2:42d9:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1

Request headers

:method: GET
:authority: cdn-gl.imrworldwide.com
:scheme: https
:path: /novms/html/ls.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gq.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.gq.com.au/

Response headers

content-type: text/html
last-modified: Tue, 17 Aug 2021 13:40:58 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: zpOrZdUsdtFSUglONNnszp78Z80REEcP
server: AmazonS3
content-encoding: gzip
date: Wed, 01 Sep 2021 17:19:24 GMT
cache-control: max-age=86400
etag: W/"7fa83dfc7b78314b137e2eb13834daa7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 df3b3b9f4fa0f79195c56a91cf242364.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P1
x-amz-cf-id: zMsnYRZ1BiU2bS9QKzh6d58JRYczxpw05HfC0Iw4FE1aaRdHx6xlPQ==
age: 553

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ Frame F033 44 B
563 B 113ms
35ms Image
image/gif 54.194.202.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=session&c9=devid,&c13=asid,PCB0BEE8B-33E1-4197-9462-D07AD6280E09&sessionId=2cf7quzlbkmuz2x7nlyamnygmam1m1630517316&c16=sdkv,bj.6.0.0&uoo=&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&c30=bldv,6.0.0.602&uid2=&uid2_token=&hem_sha256=&hem_sha1=&hem_md5=&hem_unknown=&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&retry=0
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.202.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-202-134.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 /
2cf7quzlbkmuz2x7nlyamnygmam1m1630517316.nuid.imrworldwide.com/ Frame F033 35 B
349 B 33ms
6ms Image
image/gif 2600:9000:223f:7c00:1d:667e:2a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2cf7quzlbkmuz2x7nlyamnygmam1m1630517316.nuid.imrworldwide.com/
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:7c00:1d:667e:2a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://cdn-gl.imrworldwide.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 16:28:35 GMT
via: 1.1 63505de36d604e79a77328b302a7d4a2.cloudfront.net (CloudFront)
last-modified: Tue, 11 Sep 2018 17:05:20 GMT
server: AmazonS3
age: 3601
etag: "c2196de8ba412c60c22ab491af7b1409"
x-cache: Hit from cloudfront
content-type: image/gif
x-amz-cf-pop: FRA56-P5
accept-ranges: bytes
content-length: 35
x-amz-cf-id: d8ATIpjuGq3cjWLkFexdzxlD_ZRyfM5-A9xlTs80Dhw_5GMMo4KF9w==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.gq.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 16ms
16ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.gq.com.au

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 193 KB
22 KB 92ms
92ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1162070575984193&correlator=2335351113686999&output=ldjh&impl=fifs&hxva=1&scor=1930091354783374&eid=31062366%2C31062297&vrg=2021082701&ptt=17&co=1&npa=1&sc=1&sfv=1-0-38&ecs=20210901&iu_parts=5129%2Cndm.gq%2Clifestyle%2Centertainment%2Cfilmtv%2Chasnefflixslacasadepapelinspiredreallifemoneyheists%2Cnewsstory%2C37feda706e2193b852cba885010c71fe&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2F5%2F6%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F5%2F6%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F5%2F6%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F5%2F6%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F5%2F6%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F5%2F6%2F7%2C%2F0%2F1%2F2%2F3%2F4%2F5%2F6%2F7&prev_iu_szs=728x90%7C728x1%2C728x90%2C970x250%7C970x50%7C1000x50%7C1000x100%2C300x250%7C300x600%2C300x250%2C4x4%2C1x1&ists=1&prev_scp=pos%3D1%26id%3D09c4a3a1-0b4a-11ec-acc2-0a6fa201f3de%26vw%3D40%26grm%3D40%26pub%3D40%7Cpos%3D2%26id%3D09c4a3a2-0b4a-11ec-acc2-0a6fa201f3de%7Cpos%3D1%26id%3D09c4a3a3-0b4a-11ec-acc2-0a6fa201f3de%26vw%3D40%26grm%3D40%26pub%3D40%7Cpos%3D1%26id%3D09c4a3a4-0b4a-11ec-acc2-0a6fa201f3de%26vw%3D40%2C50%2C60%2C70%2C80%26vw05%3D40%2C50%2C60%2C70%26vw15%3D40%2C50%2C60%26grm%3D40%2C50%2C60%2C70%2C80%26vw10%3D40%2C50%2C60%26pub%3D40%2C50%2C60%2C70%7Cpos%3D2%26id%3D09c4a3a5-0b4a-11ec-acc2-0a6fa201f3de%7Cpos%3D1%26id%3D09c4a3a6-0b4a-11ec-acc2-0a6fa201f3de%7Cpos%3D1%26id%3D09c4a3a7-0b4a-11ec-acc2-0a6fa201f3de&eri=1&cust_params=us%3Db%26s%3D0%26co%3D1%26kw%3Dnetflix%26sec1%3Dlifestyle%26sec2%3Dentertainment%26sec3%3Dfilmtv%26sec4%3Dhasnefflixslacasadepapelinspiredreallifemoneyheists%26sec5%3Dnewsstory%26sec6%3D37feda706e2193b852cba885010c71fe%26ksgmnt%3D%26siteview%3D1%26pagetype%3Dstory%26aid%3D37feda706e2193b852cba885010c71fe%26adl%3Dfalse%26pvid%3D00000000000000000000000000000000-37feda706e2193b852cba885010c71fe-1630517315317-120161%26fr%3Dfalse%26adt%3DveryLow%26alc%3DveryLow%26dlm%3DveryLow%26drg%3DveryLow%26hat%3DveryLow%26off%3DveryLow%26vio%3DveryLow%26ias-kw%3D&bc=31&abxe=1&lmt=1630517316&dt=1630517316140&dlt=1630517314488&idt=1464&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C436%2C315%2C985%2C985%2C315%2C0&adys=24%2C4757%2C204%2C1078%2C4713%2C1578%2C5987&adks=1949764150%2C3887915377%2C3993282776%2C4015594425%2C3420076476%2C3639395328%2C3039732659&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&u_java=false&flash=0&url=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1%7C0x3658%7C980x4%7C300x0%7C17x0%7C643x3587%7C1600x5868&msz=728x-1%7C728x24%7C970x24%7C300x24%7C300x24%7C4x24%7C0x0&ga_vid=2104284678.1630517316&ga_sid=1630517316&ga_hid=1419245914&ga_fc=false&fws=640%2C128%2C128%2C128%2C128%2C128%2C128&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C1%7C0%7C0%7C2%7C3%7C4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

bfb5489b02532c38719f160c9b65d3e5540a5c9a3bafb5ad94a725f1d3293444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22737
x-xss-protection: 0
google-lineitem-id: 4682990628,4682990628,4682990628,4682990628,4682990628,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138234092474,138234025551,138234082439,138234092042,138234092456,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.gq.com.au
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ffbb7f2d4085dc9b8246ac046f570f76.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F11D 6 KB
3 KB 28ms
15ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ffbb7f2d4085dc9b8246ac046f570f76.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ffbb7f2d4085dc9b8246ac046f570f76.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gq.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.gq.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 01 Sep 2021 17:28:36 GMT
expires: Thu, 01 Sep 2022 17:28:36 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=6835395103186562102
dpm.demdex.net/ Frame 3C97
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=6835395103186562102

42 B
945 B

44ms
44ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=6835395103186562102

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v015-052ec9957.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fze1jz36QKs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:36 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 5ca403a2-3517-45d1-8e23-5498eb52dbe8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=6835395103186562102
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5FAC 0
0 43ms
42ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9xVkBAgRkhP9CIeV-Y7I8LxBBNYftIYzzYYuBN8MQiQP8F3yFp4Y9HGIC1spd6AADAp61NwAMLylqUL7rcbqf5KTyPWAMBUkonwbdtU72LAZUUlrqFaagrXFZFrPgvyaD81f_YJUdP5DK4YKEGS4gYbF1mdxlPordD1EPFHzOE9Z76qN6l-u-YPNI9DjpkJIHsgRskVQm1P3-JfS5esGclSCUF0qnEfz7KuaLGGTgJ6NmLJ1o-xm2CiWh0_Pt4OFllg-7XSUI19Jeoe4LJ3p9x471Yx7cu19x6yIA6cvTUV5AD1Pzx6GjJz_TijLe-fc3HHvJcyieQd6q_y-d2wsf5HM7oocU8ueZS-s1ra5l5QIiZ5aeOiYdS5jkLo5gelg-Un_SYrpeAgFwL1zTWKmteWCfgm1rvmd6xQ0mpFQu65stz95_-tivUyf66dWHbDIy5m1yxSHPGZP3fMzk&sai=AMfl-YQs-sTmYQvZWzkdMItyA6Pq7YaxwDpiUnUiatxq1k6Mz6C12-wy2eLZF25Q_PpGW8X32WzDktRSbMzO&sig=Cg0ArKJSzB7IA6kj4X1fEAE&adurl=

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 17:28:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 5FAC 18 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:21:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 17:21:56 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 5FAC 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:20:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 17:20:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5FAC 122 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 17:28:36 GMT

GET
H2 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 5FAC 68 B
191 B 9ms
9ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 16:39:35 GMT
x-content-type-options: nosniff
age: 348541
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 16:39:35 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322975956640"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27566
x-xss-protection: 0
expires: Wed, 01 Sep 2021 17:28:36 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D7E 0
0 44ms
43ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv1wOZMYQfG9wZ31H5g3Z8vPXOOUF0QPfzhA9hAEDX2Iek3WtsxbXUabl03SIny3PtF15nmfx8eWLw43bqZ6Y3zbRT85KC4S3NP9kRR5gU9nCHBSwTgQomY9kDdAS8HMS_UoVnY6daZ5aRXv5pnsCzfyR18qQpQdjbdARIwOBqTvC8l7KC1iv74VODLslRNxFjJNr0-aSS0PK7lbp1-jDUl1mGJVTdjqc6JD3UuoVBxCdyYZ16a99-BuK4nE5BCVWiBjQVMaukI1UxlYkbUUVa8k1yH2RLsMgZqsJDdEJYDaJSwpU8AmrmIqZDbMfBYl0ZRyhLMhKGtcidFUjsaKDay1TzwELLgOW5ekg2l95JeV-OPlzxPto-OeLrQvYu2J1YHJbl-YWBJ7oXoisWo5aM76VIqLjElCIcsSh3y0g_4M0cqZp4Of0gc4CD_yehzjFccnq6dsbTtY2k3zFrz&sai=AMfl-YT94_kxO4RisQatsqgn8gS_fDMSKAq_fXgmIB280Snydfy7c9-Q0-Wuw0uA-2PTFfj-IYFy3eir51PS&sig=Cg0ArKJSzNHF6Uj2AE7FEAE&adurl=

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 17:28:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 7114969398400660195
tpc.googlesyndication.com/simgad/ Frame 8D7E 68 B
93 B 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7114969398400660195

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 13:00:08 GMT
x-content-type-options: nosniff
age: 448108
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:39:36 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 13:00:08 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 8D7E 18 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 17:26:55 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 8D7E 2 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 17:27:05 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D7E 122 KB
37 KB 44ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 17:28:36 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 8D7E 0
0 16ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyJ_KqKEDtktU2zn9gNxIAP1Nr3_dx52CXKryMl2XqNPld8oipzNW45MdPRqgcha2WWQCQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9CFC 0
0 42ms
42ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsss_S7tSlwXXsETWsKIylJAK3ZetMxQMbeT0i35GpVNBLSpolA3XV55ROB1qU-bwlfgrM9xkCPKVEwVVIpTiDGwXrgtrQl6-uaiWy41W2FkGL1Z8mwkmQx_DS_XMaEz4d930za_IG_JKUxld0lv9MhdJQenHFJ76GplJp4wSe_1pWl1zrSqomnSP0ATbccE3W-3n5HbqAZJaMBROjOVK621OLtLZaEU6fGQMuCRRae-JJwKLd8Qk4iN7uczv3s6DKAqEA4-udECRJoFrr1Y_RDuL06XYsQnLaSRgbetFCjM_TJrVAWy_n0rsZxpUzBiIBmyXrl_YvqelCPQXLIkC5KBY6RMChMDBAc32K0oiiPrORkSkQ5gUM0N_Np0NRg5pSBLruBrHcOKjvP_rRiTWI-WbeIZBlhBVUOSquqmTIbHfNb9yAMxddMp4UPw3Qx14VCyphm8qCAaq6nQowxZ&sai=AMfl-YQT0bJZin4At2gcp4vjGBlOGViV2zFK5e6oQdbFR9pBAQ4YAjVEc68upUw2NShYJuA27mIIgMm6oACo&sig=Cg0ArKJSzEjkkFF26jvqEAE&adurl=

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 17:28:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 9CFC 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 17:26:55 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 9CFC 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 17:27:05 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9CFC 122 KB
37 KB 37ms
27ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 17:28:36 GMT

GET
H3-29 200 13503232906761715217
tpc.googlesyndication.com/simgad/ Frame 9CFC 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13503232906761715217

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 27 Aug 2021 01:34:58 GMT
x-content-type-options: nosniff
age: 489218
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3270
x-xss-protection: 0
last-modified: Wed, 23 May 2018 04:43:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Aug 2022 01:34:58 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 95F1 0
0 42ms
42ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss1p-o1JQKeE-fd17tYhUdif7FHhgb3yz5Vw4_-V9zTaHofkJI1oEStV_LN1y5Ev9x8CuCMEpkPFmvDo3_Bqb2-EOu52YQ6ckXlS-atYFhyuFaQg9kibZii4rO6125Qy9cB4riVqlJlaU1yjDMNoC6gFAO7gIrqsi-a-B8mRxIRVs_bwukdO2s2iu44zYLTNj4T6pyBtb3fw0O_O2wHW28HURkiu6xoXjPe38H4EoCkEejUr3j2_3onVrGyPYvIY5Y5JfTuqh5XXuuDSsQW8fLD_AT4oUolsBq3f-Kl7n30q6zNkkgM5PDt-8nwtiWmKdKR_I4PT1cxVfBA_4vvja8Wf7dpahdxawTXJclMFc9EXcz-vwcYxRuknWnbULdNfmN6CoTbS44hyLlmvbs0KV6QCPtyGkBNcn7y4R5bgfZCswGTwZcptDTpsbbUygaACBWWEm7hxlShgyYCcFKV&sai=AMfl-YRnERDiQQs9VgWRB_KwQq1tB6ajec9cBq2MB3ucujEDyl2sZyyz-ebv3gbnOFWod_zHKcQ5WDtf5nc0&sig=Cg0ArKJSzA5zZfz0TIx-EAE&adurl=

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 17:28:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame 95F1 18 KB
7 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 17:26:55 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame 95F1 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 17:27:05 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 95F1 122 KB
37 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 17:28:36 GMT

GET
H3-29 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame 95F1 68 B
93 B 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 18:14:01 GMT
x-content-type-options: nosniff
age: 342875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 18:14:01 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame ED32 0
0 45ms
42ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHcQWhtBpW8EGdgYnzYoob9_-QjVO0agbZjnfwwTSf3K3PN8ID5orzW930JlFi7HAyj-FsjG5R2QI0Hn9T55lKS7l4CPBEAOvmAgNdHFuUAOzHVFn6jl_N6rVxkBmWHv6cHrfAohyp396X2McZTy8icEiUWIvidM2uAXoFdprZaVEcjBE8MIXNKmOaKgF3SuYl2o84Y4tUoQu4CSyaSaxpTnhwYIoE4jwYgWZzYre726oQzxmOhP34CTaGRsqffsi-yH3-a8nDwDWfO3zVKRMDrCAlFUjlsn1jtsi3HnpEWNlzMvCr-Jb0llXtyWm8oHniuOpTYnlSH-9iZ9z2uwF9xSiFKoShZwdl1-0C9IjznGXk_EpR_-0lvh8D77S5_K0MS4v3nIyDpSJrv6NwZwBUhxn11CRcwFTMh7bUWl4mkU2OBDPaVHNuBAeIz6bLmRGHUmuRQ_mpl37leY_S&sai=AMfl-YSphfWCm-Lf0AhEaVNofsq5C_ITFHIc9-EVrjs0AC6N9uGIi1ASrNoXjJEhOm_kev0lnOW2uKF2qeoy&sig=Cg0ArKJSzModuwLUpReSEAE&adurl=

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 17:28:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 13756812283639570429
tpc.googlesyndication.com/simgad/ Frame ED32 68 B
93 B 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13756812283639570429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 18:14:01 GMT
x-content-type-options: nosniff
age: 342875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Wed, 23 May 2018 07:40:06 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 18:14:01 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/ Frame ED32 18 KB
7 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:26:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7645
x-xss-protection: 0
server: cafe
etag: 13200147268341533873
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 17:26:55 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/ Frame ED32 2 KB
1 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210826/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:27:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Sep 2021 17:27:05 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED32 122 KB
37 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1630322985459792"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37796
x-xss-protection: 0
expires: Wed, 01 Sep 2021 17:28:36 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame ED32 0
0 17ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKWOXmlNCprViShMBTz8IOvNWIg_DzZG9h56iV1gdckiJySbl7owLBOEtyy0ixWVSADEbr
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 5FAC 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b61dc6461c617cdbe7f1e6711a980c6cd76cd4402ef7f40d54991e6493a16633

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 45A2 46 KB
13 KB 118ms
55ms Script
application/javascript 52.50.243.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=304039622&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a1-0b4a-11ec-acc2-0a6fa201f3de
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.243.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: dd97c97147d141d2b4724fee75b06ee78877f8041ba4ce131fd45d117b78fe90

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
x-server-name: app14.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=2875074148033417874
dpm.demdex.net/ Frame 3C97
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=2875074148033417874

42 B
945 B

35ms
35ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=2875074148033417874

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v015-029cd1af9.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: DzSK2WR1Qaw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=2875074148033417874
pragma: no-cache
date: Wed, 01 Sep 2021 17:28:35 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5FAC 0
0 42ms
42ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKK_9xvyuoxkKOhgLzp9BwLK8Nq0zCeryeI4TDrkfDt2ydye0AfjGv4eFNwW7Slfif1lgrVDUvdW8kv5TNOyHx3Pjg33pBoZ7zSE_ScECC1XLIJuk0yi3Q8az8GaDbcgt2va2_uMiRLr_ksEdL6763bYvdnJZ-LFOsFUltR-678XiTLT439FCqjvZ8lrxFi3gIt38Mj8yROOv0IWvSk9EohgoIk0zhzxfpGyhvI591CUkEGk_V8cpHMGkHWdC7AzPPqq-b6pkQfq-zokF5HwZXgm8X-hSR2oyBtsjpsh8mlLCNNq4jmpkqql2_ORh_WZqT2efmRdZB5uLz01LKU4EosaKda6-79WxaAUr-ZxbqyZqI5iaYCaqCbYDBhuPE22ss04RQSBras-FQiWoXGKFaUaufH0SuqUlUtxBS7GH9adYYUrzJIb5g82Cr4_mEZKDZobpp3umqAvkhgWKGVY0&sai=AMfl-YTDz6z8qao3RQUA-_5BKWQ3AYQa2Nx-YiVQDHEWnqgKhSoqUsr1hO-jwi_OXSsi5UIcoFj3tiKQ4WFm&sig=Cg0ArKJSzFSBtiC60yjGEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 17:28:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 95F1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a76ad90ce0d296d29806d222bd3f851d801fcbc5585324b06a659016214f3d08

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 0334 46 KB
13 KB 56ms
56ms Script
application/javascript 52.50.243.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=637741299&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a4-0b4a-11ec-acc2-0a6fa201f3de
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.243.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 516077519eede0118b61867968f7298201b7575c9fc9998f72afc52cfde44d04

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
x-server-name: app11.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 95F1 0
0 42ms
42ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssO8AjMYBglIBVSHVmY5_ItW3qO1LTIwxEpmQQDrAPEDDVPSGFSEbwb6aMqhSENirFJHWDTfxAoO0hpG9TEjbr06tfr8Q3g7wZOAFsIt8kb7kBn-8HWPUVf0fseuTSTuA1B-PRg1CjgUdP06SbH6dlNcpO1W1p6M-dfuZBe7h827QFRoLOAx86OX5mqACuKZsbNX7lstiiFz3HAi6BtzXYsnPscuc8mD2NoChSbXUalT3WRKccpDYRtL8oQQt6GmAvr85Qy56_HFqn54XOBPcbce-NbEL6mPw2gdgL16zpz_DTSWEv52iAMKQB3BRyKzwQkpcO_iUGrz8CJHOtF29WiA-Ac4XWmpAG5gTfWGIyF_9ccY7O6fby0OaEhsmTzrvVU3ZabIA__h2f9By97gwM5ymXk6tjbXneQBPr2Yuvlc2Qlzfl8Uidw-jZuO8a5vWqigCpQ1spSsMACusv-IBA&sai=AMfl-YSYzzcI8mPy05U7yiw-SDPDcDxGGnEcjJc4MapgeGRk_gELtkWRzHyPTMdDi9w5ik9D0--ryMfq3tDK&sig=Cg0ArKJSzI77cd1wa-htEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 17:28:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9CFC 0
0 42ms
41ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstYNpzrKvyB4ndFfct5nDw-EpZoHwmGQGd3sQFAY2LVFA5slmitGtk7VTVUgRHb1zNLWHOCFJzfRMjQgW0gMBJeKjxskVT1ZBDKEmsp_7Pdn0HjnW172pcebobzrC16TOF1vSdO0uBhGhdMN1R35lOgbC1Q-mkPy6HAmFf1pJp5ge9ExmAKJwRXWJ3cjQ_G_jLpXcCG4VVmTtglxVF89fYoIMWFMUslgO00Hb0doyt6LceKikfTI_5r93-US9RXQA0RGS7WPUtUnlgypGMRrwyOpc5-ZBGphEXbj6PbQ0XwyCcYDrThpnUQpDHDSoDC4lOWZZg4RiOeerxa-Qqw7-ykyQczC2RnKXshOovZyU4Jwi1Ea19WaezaW5DMCSe7qsfcFuCcz9oXdzJVaOugT42X63RIFhw0PzDHK_ZRMyUzWJnyRoqwGLjw-zT4cWdxpQ2mCbBAgsx_MhIGed9fFlM&sai=AMfl-YSjBkmwjUr8PyPXTz8QlMFH3NLBX1PbuXPsGc_NnNoOK8Ys3wpQgfUwQvwTQiwaoXRgPNcqI-uh0AYq&sig=Cg0ArKJSzOKCMQoFxoAgEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 17:28:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 9CFC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e909c80d84b3562dbf1797139c797eac8e91b11cfe94e96af9bdaaf7bbf53a56

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 50E3 46 KB
13 KB 52ms
52ms Script
application/javascript 52.50.243.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1110897873&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a3-0b4a-11ec-acc2-0a6fa201f3de
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.243.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 2977f1e96ff27416b97b243a3eaf8e0d7c3c785d3b60afcf69203894d44bc8d3

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
x-server-name: app07.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame 8D7E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14bbcee708f32f6e654872143051c280531e049011293f38b724df12cc4d7e6d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 51A0 46 KB
13 KB 35ms
34ms Script
application/javascript 52.50.243.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1130347547&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a2-0b4a-11ec-acc2-0a6fa201f3de
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.243.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 83aba90a479fac6e505eaf030bc8ad6f9e7a0cb2887edcbe65e5dafd2758c5e3

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
x-server-name: app10.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
DATA 200
OK truncated
/ Frame ED32 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b12e040aded4771f0bcb46f2285cac0e7ab60098e31ebca8d8b148fbfebc3c89

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame D220 46 KB
13 KB 33ms
33ms Script
application/javascript 52.50.243.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=427146922&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a5-0b4a-11ec-acc2-0a6fa201f3de
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.243.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 7b72ea4aed9fd321b5bd1ee58076919c5ea0d2062ec4c7c651c114a7bce7a7c6

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
x-server-name: app16.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 json Show response
trc.taboola.com/newscorpau-aud-gqau/trc/3/ 6 KB
3 KB 53ms
51ms XHR
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-gqau/trc/3/json?tim=19%3A28%3A36.524&lti=deflated&data=%7B%22id%22%3A656%2C%22ii%22%3A%22%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1630486016029%2C%22vi%22%3A1630517316522%2C%22cv%22%3A%2220210901-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A6103%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2v%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-bc-stream-a-native%3Aabp%3D0%22%2C%22uip%22%3A%22Desktop%20Below%20Article%20Native%202%22%2C%22orig_uip%22%3A%22Desktop%20Below%20Article%20Native%202%22%2C%22cd%22%3A4740.703125%2C%22mw%22%3A603.328125%7D%2C%7B%22li%22%3A%22rbox-t2v%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A4740.703125%2C%22mw%22%3A603.328125%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210901-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 58536f661fb04e243a1f39cca2557df0cadd6dc8c41b2f64c94473a78504aa35

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 43
date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
server: nginx
x-timer: S1630517317.529673,VS0,VE43
x-served-by: cache-fra19170-FRA
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.gq.com.au
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
x-cache-hits: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8D7E 0
0 44ms
44ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvqunbX5wyJTYF-JsSe-lIrai1Cf6WgP-QaK11tduFTg5-VxhkiKCrbkwm97ZCnvkpYG_JeuyaMbTwmYVpxQBxEbaOq4nW8WI3BgWVKh-Y1otyDylMXeFApO5L8qchWPZgjIjfXZp03Wpq-Ct4RkTE8qhMfR4KjUjCtVZlfuHb59vOnstbivNjAR1S_-EMVwt9o1g2Ed7U7MTYqZmr9tMpMWBk8PhwzHhpmZU1ZKo2xC9Y1mYgg5RXPyaM-Duow37L_P6j9ZCTYBLEBgnwjYgxOuyss86Ppc2_GIOWo_KHyycETDhC_BAFI6BmIRRkW7yr1go_VHutVBJ2XHopKYo2HnDCNn7yqlGTVaUKMk0GDK2dPEIHIc2r_5ahgZ21tZHRo-sDanTE9bCXuuLY43bDDserMgewLKd2UIU-lO0LM7lL0NTKfEJacdUubkDBPW9H4Chd8Dpgh5ebj60bJAXs&sai=AMfl-YRWylSdmd8JrgvgEWQDsFTZpk1ayPNWgBsT0EsaQOYCrjDcj5QWDQzBGM8kqDOt49Du-jnnxkKEOXjC&sig=Cg0ArKJSzNfrLUjoMP3hEAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 17:28:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 3C97 0
214 B 105ms
29ms Image
text/plain 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=6404&puid=76468966948559437041532359418872185474&gdpr=0&gdpr_consent=
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame ED32 0
0 42ms
42ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuM86BLjR_0Na4Hrw1uCmUa-9XmPGsaWOtkYQKl0r6Y-pGoyyxsJ3dNZZX3VMytZBAZ4f-bcupxdVPJhLUwJ-OVoo3b7gY_2wEYSxAvhpD0hOGl6bV3Zp5zrq3tZeTe8ZSm8Sku4bbrZKmzQcXNSUzcpzN7pbUKVGYqqxAMGzfRkxxEQK4mMpdYMa2JKMLABvv-rECIhbVIhIgAVLdSsgPbXV_ThPiIm4MDo_-eh4_uj1lEv3iHPYm5HHoO9ls9DOJwvFa0btQnH0EWRWmZd6esCZsk6L6hBdgzIO81IJ0BMy4rLLt2KIsA6UwXsHLzGHpF7NJ3sqMwgYKP3-g9marTZpxWrd388XM4qf8nY1Gwn7Qt3tbLncvApFpyaXUc1D4oqBWSZk9PsIPtBXNZx_KTP9FlRRsiRL0pJabsMS-Hyru2s8ZJowYiOe3ZlH0H0AbsWAUD_Glc3GPLynbLhwc&sai=AMfl-YRzNSUhO0TbeaOI-v9PwuYa8M5XqSaA6k5YFHAjx7cOpJnI5NLIEYUevFW6oolrnQbawpf7DPm3WvjX&sig=Cg0ArKJSzLxh894lnoD7EAE&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 17:28:36 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 main.gr.19.8.241.js Show response
static.adsafeprotected.com/ Frame 45A2 187 KB
59 KB 92ms
28ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.241.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=304039622&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a1-0b4a-11ec-acc2-0a6fa201f3de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a45c1e76d192f70d375bed09a1efb7381b3c9e42ba9491ad4da8bf4f208ec3b6

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 23:35:32 GMT
server: nginx/1.16.1
age: 143353
etag: W/"c36246cb00c96778a7ebcee8a2f8031a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 main.gr.19.8.241.js Show response
static.adsafeprotected.com/ Frame 0334 187 KB
59 KB 153ms
90ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.241.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|1&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=637741299&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a4-0b4a-11ec-acc2-0a6fa201f3de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a45c1e76d192f70d375bed09a1efb7381b3c9e42ba9491ad4da8bf4f208ec3b6

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 23:35:32 GMT
server: nginx/1.16.1
age: 144208
etag: W/"c36246cb00c96778a7ebcee8a2f8031a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 main.gr.19.8.241.js Show response
static.adsafeprotected.com/ Frame 50E3 187 KB
59 KB 150ms
90ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.241.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=10x10|1&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1110897873&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a3-0b4a-11ec-acc2-0a6fa201f3de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a45c1e76d192f70d375bed09a1efb7381b3c9e42ba9491ad4da8bf4f208ec3b6

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 23:35:32 GMT
server: nginx/1.16.1
age: 143770
etag: W/"c36246cb00c96778a7ebcee8a2f8031a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 main.gr.19.8.241.js Show response
static.adsafeprotected.com/ Frame 51A0 187 KB
59 KB 148ms
90ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.241.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1130347547&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a2-0b4a-11ec-acc2-0a6fa201f3de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a45c1e76d192f70d375bed09a1efb7381b3c9e42ba9491ad4da8bf4f208ec3b6

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 23:35:32 GMT
server: nginx/1.16.1
age: 145101
etag: W/"c36246cb00c96778a7ebcee8a2f8031a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 main.gr.19.8.241.js Show response
static.adsafeprotected.com/ Frame D220 187 KB
59 KB 126ms
72ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.241.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=10507&campId=1x1|2&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=427146922&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a5-0b4a-11ec-acc2-0a6fa201f3de
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a45c1e76d192f70d375bed09a1efb7381b3c9e42ba9491ad4da8bf4f208ec3b6

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
last-modified: Mon, 30 Aug 2021 23:35:32 GMT
server: nginx/1.16.1
age: 144636
etag: W/"c36246cb00c96778a7ebcee8a2f8031a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 cta-branding.js Show response
cdn.taboola.com/demand-formats/cta-branding/ 19 KB
6 KB 9ms
8ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210901-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: A4C5uzAVxH2Ztj3AaZnQWTHahT65Jp9O
content-encoding: gzip
etag: "7a6ef5412d45e94af6813e18c060355d"
age: 12326
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5990
x-amz-id-2: 5MobSlc+iIpZcIvvqKj/kIaKd9zK/zHejUaSlk6O46g6IuLOoQUG1y7EPVZt4Nk4Bg5d+sG47tY=
x-served-by: cache-fra19170-FRA
last-modified: Tue, 06 Jul 2021 14:02:32 GMT
server: AmazonS3
x-timer: S1630517317.584287,VS0,VE0
date: Wed, 01 Sep 2021 17:28:36 GMT
vary: Accept-Encoding
x-amz-request-id: KQE2YD0951MP799B
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript
abp: 79
x-cache-hits: 53567

GET
H2 200 cta-branding.css
cdn.taboola.com/demand-formats/cta-branding/ 2 KB
1 KB 8ms
8ms Stylesheet
text/css 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/demand-formats/cta-branding/cta-branding.css
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210901-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 10qGt8O9hKdbB5IigEtXn8Bn._HPfO8j
content-encoding: gzip
etag: "10c372ee2c83a7fd12df18aebc5320c6"
age: 4384
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 719
x-amz-id-2: A8pOn0vHP2AZTFPKUH/E/XQ0BnACpoDi2Cn8umalQjLdBaCQMU0fH3eIPGkBpOFXLrfZ+JH/G5w=
x-served-by: cache-fra19170-FRA
last-modified: Tue, 06 Apr 2021 14:48:01 GMT
server: AmazonS3
x-timer: S1630517317.584270,VS0,VE0
date: Wed, 01 Sep 2021 17:28:36 GMT
vary: Accept-Encoding
x-amz-request-id: H26RXF80K5Y33KYT
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: text/css
abp: 79
x-cache-hits: 20326

GET
H2 200 tfa-eid.20210901-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 14 KB
5 KB 8ms
8ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/tfa-eid.20210901-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-gqau/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fdc0b4ddf7e9486b5a149158aac1963a96eae4652602e4e4369a80b6254b66b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: rd.aZmML2G9.NRYZ5PDUGhV3V6RJ.DH6
content-encoding: gzip
etag: "b89573b8bd077a78d3a8af8f4953d6b1"
age: 52
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5062
x-amz-id-2: sn9Qyl8ly40T4PliJiSjFdTazG6HeNw77m0DmtnbluV1spHkazP+CxXMwLV2cNWXun9G+VHVvYo=
x-served-by: cache-fra19170-FRA
last-modified: Wed, 01 Sep 2021 08:55:22 GMT
server: AmazonS3
x-timer: S1630517317.586367,VS0,VE0
date: Wed, 01 Sep 2021 17:28:36 GMT
vary: Accept-Encoding
x-amz-request-id: GN34X3PHVGWRN756
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 79
x-cache-hits: 266

GET
H2 200 sha256.20210901-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 6 KB
3 KB 8ms
8ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/sha256.20210901-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-gqau/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e6df711875f42225884659bc20390832b499a9becef8d1e257360380e51ebeaa

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: 73Mx9A3jiXH.K5_OK3T58KNvF1petZGD
content-encoding: gzip
etag: "15df084b80785957faee35c325fadcd7"
age: 76
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2589
x-amz-id-2: 6Dos1dwFrS1Uf6V6k5qTP8m6onRArgrnqqm6FmYJnCZLBPzFTNUy3SM6YcSEDLb8vr/h1PfXoVo=
x-served-by: cache-fra19170-FRA
last-modified: Wed, 01 Sep 2021 08:56:02 GMT
server: AmazonS3
x-timer: S1630517317.587044,VS0,VE0
date: Wed, 01 Sep 2021 17:28:36 GMT
vary: Accept-Encoding
x-amz-request-id: 250QYJR6A705BD3K
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 79
x-cache-hits: 365

GET
H2 200 feed-card-placeholder.20210901-6-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 8ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20210901-6-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/newscorpau-aud-gqau/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 91de48b730b3fd4cf59e41c89c8408bb37429d3a76ef2f38eb6b7d5e7dd3a284

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: V.Ni1.Ayf3C5z_CHhr6qH8rXBRBr.boa
content-encoding: gzip
etag: "dbbdb42f9ab31fbe743eab24d09bd27d"
age: 58
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1262
x-amz-id-2: R4exQr2Wn+KUC3oDB5IHfVZOY41tCBYVt/ljrLUQJH9HuvFmw+RnA54/a9EL+ntm2hVh6ZpTCzI=
x-served-by: cache-fra19170-FRA
last-modified: Wed, 01 Sep 2021 08:57:32 GMT
server: AmazonS3
x-timer: S1630517317.590100,VS0,VE0
date: Wed, 01 Sep 2021 17:28:36 GMT
vary: Accept-Encoding
x-amz-request-id: 9ZKJ20RMDH2FJCQS
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 79
x-cache-hits: 194

GET
H2 204 debug
am-trc-events.taboola.com/newscorpau-aud-gqau/log/2/ 0
89 B 23ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/newscorpau-aud-gqau/log/2/debug?tim=19%3A28%3A36.593&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20native-thumbs-a&id=8090&cv=20210901-6-RELEASE&lt=deflated&pct=1
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14052

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 8ms
7ms Image
image/svg+xml 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 40
via: 1.1 varnish
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: yeOJJ+tNNdajw4hK3I7/tYpBRq+/TJEGfi4sEZRXOp9UQ3u6dQQzKs083dQVHcAwy/qqwRKPz0M=
x-served-by: cache-fra19170-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1630517317.598706,VS0,VE0
date: Wed, 01 Sep 2021 17:28:36 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 1PW18NSMPYAQGD13
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 79
x-cache-hits: 60

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 3C97
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NzY0Njg5NjY5NDg1NTk0MzcwNDE1MzIzNTk0MTg4NzIxODU0NzQ=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NzY0Njg5NjY5NDg1NTk0MzcwNDE1MzIzNTk0MTg4NzIxODU0NzQ=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEE_CrcPAIttNr4nMuV7VIYc&google_cver=1?gdpr=0&gdpr_consent=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEE_CrcPAIttNr4nMuV7VIYc&google_cver=1

42 B
945 B

36ms
35ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEE_CrcPAIttNr4nMuV7VIYc&google_cver=1

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v015-0c67acd41.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 1iNmTjaoREQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v015-039ac9841.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: yl9MkBGYQi8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=771&dpuuid=CAESEE_CrcPAIttNr4nMuV7VIYc&google_cver=1
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 679B 80 KB
21 KB 29ms
28ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: nginx/1.16.1
age: 1111474
etag: W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
215 B 37ms
37ms Image
image/gif 52.50.243.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234092474&pubOrder=305536031&cb=304039622&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a1-0b4a-11ec-acc2-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.gq.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:6ea312f6-8ea7-c9b5-f6dd-0a02a13c5a3b,c:mZmOEy,sl:outOfView,em:true,fr:true,thd:1,mn:app14ie,pt:1-5-15,wc:0.0.1600.1200,ac:800.47.1.1,am:i,cc:800.47.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:146,fm:sHMwuE6+11%7C12%7C13%7C14%7C15%7C16%7C17*.10507%7C171%7C181%7C191%7C1a1%7C1b1%7C1c,idMap:17*,rp:s,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:173,oid:09f9e505-0b4a-11ec-bd2b-02c390e9b11a,v:19.8.241,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.243.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
x-server-name: app20.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1

200
OK

ibs:dpid=903&dpuuid=5c848302-9576-43eb-9175-5cc92ede7e68
dpm.demdex.net/ Frame 3C97
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=aam&gdpr=0&gdpr_consent=&ttd_tpi=1
https://dpm.demdex.net/ibs:dpid=903&dpuuid=5c848302-9576-43eb-9175-5cc92ede7e68

42 B
945 B

37ms
36ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=903&dpuuid=5c848302-9576-43eb-9175-5cc92ede7e68

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v015-0c10d40a0.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: s+z+UHluRas=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://dpm.demdex.net/ibs:dpid=903&dpuuid=5c848302-9576-43eb-9175-5cc92ede7e68
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 189

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 271ms
88ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6ea312f6-8ea7-c9b5-f6dd-0a02a13c5a3b&tv=%7Bc:mZmOF5,pingTime:-2,time:205,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:188,beZ:189,mfA:334,cmA:336,inA:337,inZ:343,prA:343,prZ:351,si:361,poA:361,poZ:376,cmZ:376,mfZ:376,loA:382,loZ:385,ltA:393,ltZ:393%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:172%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:206,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:171,wc:0.0.1600.1200,ac:800.47.1.1,am:i,cc:800.47.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B55~0%5D,as:%5B55~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sHMwuE6+11%7C12%7C13%7C14%7C15%7C16%7C17*.10507%7C171%7C181%7C191%7C1a1%7C1b1%7C1c,idMap:17*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe_0,google_ads_iframe_/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe_0__container__,ad-block-728x90-1,root%5D,sinceFw:31,readyFired:true%7D&br=u
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:36 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 6539 80 KB
21 KB 28ms
27ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: nginx/1.16.1
age: 1112806
etag: W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 32ms
32ms Image
image/gif 52.50.243.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|1&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234092042&pubOrder=305536031&cb=637741299&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a4-0b4a-11ec-acc2-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.gq.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:fc7006b2-7fbb-bb6d-db97-1961661c2924,c:mZmOFm,sl:outOfView,em:true,fr:true,thd:1,mn:app11ie,pt:1-5-15,wc:0.0.1600.1200,ac:1126.1149.1.1,am:i,cc:1126.1149.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:212,fm:sHMwuE8+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181%7C191%7C1a*.10507%7C1a1%7C1b1%7C1c,idMap:1a*,rp:s,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:220,oid:09fa0b55-0b4a-11ec-967f-024bf4a6d028,v:19.8.241,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.243.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
x-server-name: app03.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame B2CD 80 KB
21 KB 29ms
29ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: nginx/1.16.1
age: 1113232
etag: W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 38ms
38ms Image
image/gif 52.50.243.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=10x10|1&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234082439&pubOrder=305536031&cb=1110897873&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a3-0b4a-11ec-acc2-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.gq.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:b4c60e8b-9210-0dbc-c4d2-c6b76538545d,c:mZmOFx,sl:outOfView,em:true,fr:true,thd:1,mn:app07ie,pt:1-5-15,wc:0.0.1600.1200,ac:795.218.10.10,am:i,cc:795.218.10.10,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:222,fm:sHMwuEb+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181%7C19*.10507%7C191%7C1a1%7C1a2%7C1b1%7C1c,idMap:19*,rp:s,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:229,oid:0a01d39a-0b4a-11ec-b885-06aaa1ae1a14,v:19.8.241,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.243.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame B9CB 80 KB
21 KB 28ms
27ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: nginx/1.16.1
age: 1115049
etag: W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 35ms
35ms Image
image/gif 52.50.243.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234025551&pubOrder=305536031&cb=1130347547&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a2-0b4a-11ec-acc2-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.gq.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:56933dee-6470-05e5-6277-040f9661fc61,c:mZmOFS,sl:outOfView,em:true,fr:true,thd:1,mn:app10ie,pt:1-5-15,wc:0.0.1600.1200,ac:799.4909.1.1,am:i,cc:799.4909.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:240,fm:sHMwuEd+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18*.10507%7C181%7C191%7C192%7C1a1%7C1a2%7C1b1%7C1c,idMap:18*,rp:s,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:247,oid:0a02be68-0b4a-11ec-81dd-0634eb268b40,v:19.8.241,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.243.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 0101 80 KB
21 KB 29ms
28ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:36 GMT
content-encoding: gzip
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: nginx/1.16.1
age: 1110194
etag: W/"9304f57298c3834ff107ea7ccb547996"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 mon
pixel.adsafeprotected.com/ 43 B
216 B 35ms
35ms Image
image/gif 52.50.243.239
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=10507&campId=1x1|2&pubId=20970311&chanId=22101601013&placementId=4682990628&pubCreative=138234092456&pubOrder=305536031&cb=427146922&custom=story&custom3=168405551&adsafe_par&impId=09c4a3a5-0b4a-11ec-acc2-0a6fa201f3de&adsafe_url=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.gq.com.au%2F&adsafe_type=f&adsafe_jsinfo=,id:4bf0bfe9-aa4f-da0c-43e6-09996c8fd680,c:mZmOG5,sl:outOfView,em:true,fr:true,thd:1,mn:app16ie,pt:1-5-15,wc:0.0.1600.1200,ac:987.4841.1.1,am:i,cc:987.4841.1.1,piv:0,obst:0,th:0,reas:r,br:u,abv:na,an:n,oam:0,scm:publ1.grpm1,nbld:0,mtim:248,fm:sHMwuEh+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C181%7C182%7C191%7C192%7C1a1%7C1a2%7C1b*.10507%7C1b1%7C1c,idMap:1b*,rp:s,pl:,rmeas:1,rend:0,renddet:IMG.us,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:256,oid:0a05f25b-0b4a-11ec-a806-067f141e2336,v:19.8.241,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.50.243.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
x-server-name: app06.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 271ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=fc7006b2-7fbb-bb6d-db97-1961661c2924&tv=%7Bc:mZmOGg,pingTime:-2,time:276,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:126,beZ:127,mfA:338,cmA:338,inA:338,inZ:340,prA:340,prZ:343,si:346,poA:346,poZ:350,cmZ:350,mfZ:350,loA:369,loZ:370,ltA:401,ltZ:401%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:220%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:276,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:219,wc:0.0.1600.1200,ac:1126.1149.1.1,am:i,cc:1126.1149.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B63~0%5D,as:%5B63~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sHMwuE8+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18.10507%7C181%7C19.10507%7C191%7C1a*.10507%7C1a1%7C1b1%7C1c,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe_3,google_ads_iframe_/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe_3__container__,ad-block-300x250-1,root%5D,sinceFw:55,readyFired:true%7D&br=u
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Server-Name: dt51.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 pmk-202003261.4.js Show response
widget.perfectmarket.com/newscorpau-aud-gqau/ 111 KB
30 KB 8ms
8ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/newscorpau-aud-gqau/pmk-202003261.4.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/newscorpau-aud-gqau/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72db3a87909272a328d3f3340314c833418a176bf38e60b07a7c4c3c55faa852

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: tzq9nmd7xWD3emhAmW0PNhqCWkRaBMQn
content-encoding: gzip
etag: "412baf83b6672ef795eb1dfcebac12da"
age: 2359603
x-cache: HIT, HIT
content-length: 30938
x-amz-id-2: qEamJFtXCXWmrRh8jWP95+b0R/ji79ADtLM3A+p+Xn0TuLLGhX+93NMWlcoLowe5GPAgECI+0tQ=
x-served-by: cache-sna10729-LGB, cache-fra19120-FRA
last-modified: Fri, 03 Apr 2020 08:07:21 GMT
server: AmazonS3
x-timer: S1630517317.845866,VS0,VE1
date: Wed, 01 Sep 2021 17:28:36 GMT
vary: Accept-Encoding,,
x-amz-request-id: RT0JMHYMXZFAQJA1
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 266ms
92ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=b4c60e8b-9210-0dbc-c4d2-c6b76538545d&tv=%7Bc:mZmOGs,pingTime:-2,time:285,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:96,beZ:97,mfA:317,cmA:318,inA:318,inZ:319,prA:319,prZ:322,si:324,poA:324,poZ:328,cmZ:328,mfZ:328,loA:365,loZ:365,ltA:380,ltZ:380%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:10,h:10,t:228%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:285,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:228,wc:0.0.1600.1200,ac:795.218.10.10,am:i,cc:795.218.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B63~0%5D,as:%5B63~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sHMwuE8+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18.10507%7C181%7C19*.10507%7C191%7C1a.10507%7C1a1%7C1a2%7C1b.10507%7C1b1%7C1c,idMap:19*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe_2,google_ads_iframe_/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe_2__container__,ad-block-970x250-1,root%5D,sinceFw:56,readyFired:true%7D&br=u
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Server-Name: dt02.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 261ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=56933dee-6470-05e5-6277-040f9661fc61&tv=%7Bc:mZmOGu,pingTime:-2,time:285,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:75,beZ:75,mfA:314,cmA:315,inA:315,inZ:316,prA:316,prZ:319,si:322,poA:322,poZ:326,cmZ:326,mfZ:326,loA:347,loZ:348,ltA:359,ltZ:359%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:247%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:285,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:247,wc:0.0.1600.1200,ac:799.4909.1.1,am:i,cc:799.4909.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B44~0%5D,as:%5B44~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sHMwuEb+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18*.10507%7C181%7C19.10507%7C191%7C192%7C1a1%7C1a2%7C1b.10507%7C1b1%7C1c,idMap:18*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe_1,google_ads_iframe_/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe_1__container__,ad-block-728x90-2,root%5D,sinceFw:38,readyFired:true%7D&br=u
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 259ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=4bf0bfe9-aa4f-da0c-43e6-09996c8fd680&tv=%7Bc:mZmOGw,pingTime:-2,time:283,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:56,beZ:57,mfA:305,cmA:305,inA:305,inZ:307,prA:307,prZ:310,si:313,poA:313,poZ:317,cmZ:317,mfZ:317,loA:330,loZ:331,ltA:339,ltZ:339%7D%7D,sca:%7Bdfp:%7Bdf:0%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:256%7D%5D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:283,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:256,wc:0.0.1600.1200,ac:987.4841.1.1,am:i,cc:987.4841.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B34~0%5D,as:%5B34~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sHMwuEb+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18.10507%7C181%7C182%7C19.10507%7C191%7C192%7C1a1%7C1a2%7C1b*.10507%7C1b1%7C1c,idMap:1b*,rmeas:1,rend:0,renddet:IMG.us,slid:%5Bgoogle_ads_iframe_/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe_4,google_ads_iframe_/5129/ndm.gq/lifestyle/entertainment/filmtv/hasnefflixslacasadepapelinspiredreallifemoneyheists/newsstory/37feda706e2193b852cba885010c71fe_4__container__,ad-block-300x250-2,root%5D,sinceFw:26,readyFired:true%7D&br=u
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Server-Name: dt48.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200
OK

ibs:dpid=19566&dpuuid=%s
dpm.demdex.net/ Frame 3C97
Redirect Chain

https://image5.pubmatic.com/AdServer/usersync/usersync.html?predirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=19566%26dpuuid=PM_UID&userIdMacro=PM_UID
https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s

42 B
963 B

33ms
32ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v015-02089d59b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,303
X-TID: vrjVdZmMQVo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:37 GMT
server: nginx
etag: "60b823a6-cde"
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
location: https://dpm.demdex.net/ibs:dpid=19566&dpuuid=%s
cache-control: max-age=0, no-cache, no-store
content-type: text/html
content-length: 154
expires: Wed, 01 Sep 2021 17:28:37 GMT

GET
H2 204 social
am-trc-events.taboola.com/newscorpau-aud-gqau/log/3/ 0
230 B 22ms
22ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/newscorpau-aud-gqau/log/3/social?route=AM:AM:V&lti=deflated&ri=c19be77c47b9c02324eff80e735235dc&sd=v2_650b2b730b069f1e203b48bbca1c4eb5_905555ef-104a-44dc-b0d0-5c0a53a1aab2-tuct8293dc4_1630517316_1630517316_CNawjgYQmIhIGKqXn5O6LyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGj9wYbU7pDul8cBcAA&ui=905555ef-104a-44dc-b0d0-5c0a53a1aab2-tuct8293dc4&pi=/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe&wi=-6240043044823222653&pt=text&vi=1630517316522&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_undefined_%22%2C%22hdl%22%3A%22Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%22%2C%22sec%22%3A%22ENTERTAINMENT%22%2C%22aut%22%3A%5B%22Joseph%20Lam%22%5D%2C%22img%22%3A%22https%3A%2F%2Fcontent.api.news%2Fv3%2Fimages%2Fbin%2F815e720df21961499cf1ca6fedfe88dc%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=19%3A28%3A36.894&id=5017&llvl=1&cv=20210901-6-RELEASE&
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 01 Sep 2021 17:28:36 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 213ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6ea312f6-8ea7-c9b5-f6dd-0a02a13c5a3b&tv=%7Bc:mZmOHq,time:350,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:350,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:171,wc:0.0.1600.1200,ac:800.47.1.1,am:i,cc:800.47.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B199~0%5D,as:%5B199~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sHMwuE6+11%7C12%7C13%7C14%7C15%7C16%7C17*.10507%7C171%7C18.10507%7C181%7C19.10507%7C191%7C1a.10507%7C1a1%7C1b.10507%7C1b1%7C1c,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Server-Name: dt35.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 133ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=fc7006b2-7fbb-bb6d-db97-1961661c2924&tv=%7Bc:mZmOHC,time:360,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:360,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:219,wc:0.0.1600.1200,ac:1126.1149.1.1,am:i,cc:1126.1149.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B147~0%5D,as:%5B147~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sHMwuE8+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18.10507%7C181%7C19.10507%7C191%7C1a*.10507%7C1a1%7C1b.10507%7C1b1%7C1c,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Server-Name: dt51.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 86ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=b4c60e8b-9210-0dbc-c4d2-c6b76538545d&tv=%7Bc:mZmOHD,time:358,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:358,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:228,wc:0.0.1600.1200,ac:795.218.10.10,am:i,cc:795.218.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B137~0%5D,as:%5B137~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sHMwuE8+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18.10507%7C181%7C19*.10507%7C191%7C1a.10507%7C1a1%7C1a2%7C1b.10507%7C1b1%7C1c,idMap:19*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Server-Name: dt51.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 88ms
87ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=56933dee-6470-05e5-6277-040f9661fc61&tv=%7Bc:mZmOHE,time:357,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:357,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:247,wc:0.0.1600.1200,ac:799.4909.1.1,am:i,cc:799.4909.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B116~0%5D,as:%5B116~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sHMwuEb+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18*.10507%7C181%7C19.10507%7C191%7C192%7C1a1%7C1a2%7C1b.10507%7C1b1%7C1c,idMap:18*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Server-Name: dt48.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 87ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=4bf0bfe9-aa4f-da0c-43e6-09996c8fd680&tv=%7Bc:mZmOHF,time:354,type:e,env:%7Bar:self.0%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:354,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:256,wc:0.0.1600.1200,ac:987.4841.1.1,am:i,cc:987.4841.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B105~0%5D,as:%5B105~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:0,fm:sHMwuEb+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18.10507%7C181%7C182%7C19.10507%7C191%7C192%7C1a1%7C1a2%7C1b*.10507%7C1b1%7C1c,idMap:1b*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 5 KB
2 KB 65ms
38ms XHR
application/json 52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.1.1&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=5FE61C8B533204850A490D4D%40AdobeOrg&d_nsid=0&d_mid=76447737938200552981534748364879074200&d_blob=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&ts=1630517316952

Requested by

Host: tags.news.com.au
URL: https://tags.news.com.au/prod/metrics/metrics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

30ede199ce1ba234d15ef2d52597da2d4191a0c6d814ff55b4b7d7d3ab573392

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v015-029cd1af9.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: mTAKi++MRd4=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.gq.com.au
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 1542
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

ibs:dpid=23728&dpuuid=YS.4RY0sp5URf6e1.wOTNQAA%261175
dpm.demdex.net/ Frame 3C97
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?s=183607&cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D23728%26dpuuid%3D__UID__&s=183607&C=1
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YS.4RY0sp5URf6e1.wOTNQAA%261175

42 B
945 B

35ms
35ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YS.4RY0sp5URf6e1.wOTNQAA%261175

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v015-019bef9bd.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ABWY45t7Ttc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YS.4RY0sp5URf6e1.wOTNQAA%261175
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 264
Expires: Wed, 01 Sep 2021 17:28:37 GMT

GET
H2 200 s33583648389302
metrics.gq.com.au/b/ss/newscorpau-nlmglobal/1/JS-2.22.0/ 43 B
245 B 22ms
22ms Image
image/gif 15.188.95.229
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metrics.gq.com.au/b/ss/newscorpau-nlmglobal/1/JS-2.22.0/s33583648389302?AQB=1&ndh=1&pf=1&t=1%2F8%2F2021%2019%3A28%3A37%203%20-120&mid=76447737938200552981534748364879074200&aamlh=6&ce=UTF-8&ns=newscorpau&cdp=3&g=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&cc=AUD&ch=D%3Dv4&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=D%3Dv1&v1=news%20corp%20au&h1=news%20corp%20au%7Cgq%7Cgq%20web%7Centertainment%7Cfilm%20tv%7Chas%20nefflixs%20la%20casa%20de%20papel%20inspired%20real%20life%20money%20heists%7Cnews%20story%7C37feda706e2193b852cba885010c71fe&c2=D%3Dv2&v2=gq&c3=D%3Dv3&v3=gq%20web&c4=D%3Dv4&v4=entertainment&c5=D%3Dv5&v5=film%20tv&c6=D%3Dv6&v6=has%20nefflixs%20la%20casa%20de%20papel%20inspired%20real%20life%20money%20heists&c7=D%3Dv7&v7=news%20story&c8=D%3Dv8&v8=37feda706e2193b852cba885010c71fe&c9=D%3Dv9&v9=story&c10=D%3Dg&v10=D%3DpageName&c11=D%3Dv11&v11=D%3Dvid&c14=D%3Dv14&v14=anonymous&c16=D%3Dv16&v16=37feda706e2193b852cba885010c71fe&c17=D%3Dv17&v17=has%20netflix%E2%80%99s%20la%20casa%20de%20papel%20inspired%20real%20life%20money%20heists%3F&c18=D%3Dv18&v18=joseph%20lam&c19=D%3Dv19&v19=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&c20=D%3Dv20&v20=2019-11-26%2000%3A05%3A46&c22=D%3Dv22&v22=3%3A28%20AM%7CThursday&c24=D%3Dv24&v24=New&c30=First%20Visit&v34=D%3Dg&c46=D%3Dv46&v46=not%20logged%20in&v52=1600x1200%7Cwindows%7C10&v55=not%20logged%20in&c60=TypeError%3A%20Cannot%20set%20property%20%27eVar161%27%20of%20undefined&v77=D%3Dmid&v111=0&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=5FE61C8B533204850A490D4D%40AdobeOrg&AQE=1

Requested by

Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-95-229.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:37 GMT
x-content-type-options: nosniff
x-c: main-1506.I6462f6.M0-512
p3p: CP="This is not a P3P policy"
vary: *
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Thu, 02 Sep 2021 17:28:37 GMT
server: jag
xserver: anedge-f47784dbf-w5wk4
etag: 3501509277402005504-4619855103943459844
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 31 Aug 2021 17:28:37 GMT

GET
H/1.1

200
OK

ibs:dpid=30432&dpuuid=CI-4ab0ba9f1dab69d3398b49cc5704c00d
dpm.demdex.net/ Frame 3C97
Redirect Chain

https://dt.scanscout.com/ssframework/uid?UIAA=76468966948559437041532359418872185474&url=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30432%26dpuuid%3D%5BUSER_ID%5D
https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-4ab0ba9f1dab69d3398b49cc5704c00d

42 B
945 B

34ms
34ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-4ab0ba9f1dab69d3398b49cc5704c00d

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v015-0ca26f85e.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hdc01rEcSL0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30432&dpuuid=CI-4ab0ba9f1dab69d3398b49cc5704c00d
Date: Wed, 01 Sep 2021 17:28:37 GMT
useSecure: true
Server: nginx/1.10.3
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 94ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6ea312f6-8ea7-c9b5-f6dd-0a02a13c5a3b&tv=%7Bc:mZmOKO,pingTime:-10,time:560,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1630517317117%7C%7C223845dc6054c035891f91ca3398eacc%7C%7C605f01b1409979f1b4f5151f8eefb28a%7C%7Caa08c378f351772c41084d7ef903d52c%7C%7C7dccc8ed296614ce96552cac49689b5d%7C%7C312e05c99a27e42b55bdc5776b7370bf%7C%7Cf32c7841dc846517400575c9390fe19c%7C%7Cc3d7b58efb0fe42a0b02f267d7fa40bb%7C%7C1629390669%7D
Requested by: Host: www.gq.com.au
URL: https://www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Server-Name: dt02.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200
OK

ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D
dpm.demdex.net/ Frame 3C97
Redirect Chain

https://ps.eyeota.net/match?bid=6j5b2cv&uid=76468966948559437041532359418872185474&r=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D30064%26dpuuid%3D%7BUUID_6j5b2cv%7D
https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

42 B
963 B

32ms
32ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30064&dpuuid=%7BUUID_6j5b2cv%7D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v015-020ef3183.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 104,303
X-TID: 3jf3BzR1Rn4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=30064&dpuuid={UUID_6j5b2cv}
Date: Wed, 01 Sep 2021 17:28:37 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021082701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ca9d7cd5e3949605bad885b731ea9f658021597cc00dd3dc1b94598d409807a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Sep 2021 17:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8466
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 01 Sep 2021 17:28:37 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9B11 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gq.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.gq.com.au/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 01 Sep 2021 16:59:58 GMT
expires: Thu, 01 Sep 2022 16:59:58 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FE46 783 B
767 B 19ms
19ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1168286c4346f33baedfe9d7e7781953cd2969d289cfe060c3294207b0ff0258

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ziDRJcJf9QF+qMoBm+grfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.gq.com.au/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.gq.com.au/

Response headers

expires: Wed, 01 Sep 2021 17:28:37 GMT
date: Wed, 01 Sep 2021 17:28:37 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ziDRJcJf9QF+qMoBm+grfA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 3C97
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=adobe&id=76468966948559437041532359418872185474
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=76468966948559437041532359418872185474

0
338 B

91ms
29ms

Image
text/plain

54.72.203.75
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=76468966948559437041532359418872185474
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.203.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-203-75.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:37 GMT
cache-control: private, no-cache, no-store
x-request-time: D=60 t=1630517317
x-served-by: beacon-n009-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=adobe&id=76468966948559437041532359418872185474
date: Wed, 01 Sep 2021 17:28:37 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a012-ash-prod.krxd.net

GET
H3-29 200 3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B11 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3VBCxQMuFeflN3ldnXIT7YQtw8QPm-3IluxfpK8Vf0c.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 12:05:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19407
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13381
x-xss-protection: 0
last-modified: Mon, 23 Aug 2021 08:38:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Sep 2022 12:05:10 GMT

GET
H2 204 social
am-trc-events.taboola.com/newscorpau-aud-gqau/log/3/ 0
230 B 21ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/newscorpau-aud-gqau/log/3/social?route=AM:AM:V&lti=deflated&ri=c19be77c47b9c02324eff80e735235dc&sd=v2_650b2b730b069f1e203b48bbca1c4eb5_905555ef-104a-44dc-b0d0-5c0a53a1aab2-tuct8293dc4_1630517316_1630517316_CNawjgYQmIhIGKqXn5O6LyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGj9wYbU7pDul8cBcAA&ui=905555ef-104a-44dc-b0d0-5c0a53a1aab2-tuct8293dc4&pi=/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe&wi=-6240043044823222653&pt=text&vi=1630517316522&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-iframe%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_undefined_%22%2C%22hdl%22%3A%22Has%20Netflix%E2%80%99s%20La%20Casa%20De%20Papel%20Inspired%20Real%20Life%20Money%20Heists%3F%22%2C%22sec%22%3A%22ENTERTAINMENT%22%2C%22aut%22%3A%5B%22Joseph%20Lam%22%5D%2C%22img%22%3A%22https%3A%2F%2Fcontent.api.news%2Fv3%2Fimages%2Fbin%2F815e720df21961499cf1ca6fedfe88dc%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=19%3A28%3A37.324&id=6099&llvl=1&cv=20210901-6-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 01 Sep 2021 17:28:37 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=134096&dpuuid=$_BK_UUID
dpm.demdex.net/ Frame 3C97
Redirect Chain

https://tags.bluekai.com/site/43981?id=76468966948559437041532359418872185474&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D134096%26dpuuid%3D%24_BK_UUID
https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

42 B
963 B

33ms
32ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v015-0c662abda.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-Error: 303,104
X-TID: 2/PfEmvuR7g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=134096&dpuuid=$_BK_UUID
Date: Wed, 01 Sep 2021 17:28:37 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 93ms
93ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=56933dee-6470-05e5-6277-040f9661fc61&tv=%7Bc:mZmOPd,pingTime:-10,time:826,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1630517317117%7C%7C223845dc6054c035891f91ca3398eacc%7C%7C605f01b1409979f1b4f5151f8eefb28a%7C%7Caa08c378f351772c41084d7ef903d52c%7C%7C7dccc8ed296614ce96552cac49689b5d%7C%7C312e05c99a27e42b55bdc5776b7370bf%7C%7Cf32c7841dc846517400575c9390fe19c%7C%7Cc3d7b58efb0fe42a0b02f267d7fa40bb%7C%7C1629390669,sca:%7Bspg:6ea312f6-8ea7-c9b5-f6dd-0a02a13c5a3b%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Server-Name: dt02.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 105ms
105ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gpt_2021082701&jk=1162070575984193&bg=!MDOlM3fNAAZOkH6FTpA7ACkAdvg8WnxDgY9nAiVGPXwKX9zCW2YXlepVU5kwKxiqRwpolnEAV-B0RQIAAABjUgAAAA1oAQcKAMVYc0NFjgDhgVnNZXW_QIyAiqh5BNCMdBuD5QJQ9T8XTy6rkArwP2MvblQLzGs84jKvS7nt_pAH2JsVbuFZ6LA5b3BVztgS3okm1Wuo5zKmMFH1g7kg4GDfbqRX5bsQ0akK9-1HQ7XDjE5CeAgSOuuJ5vPPsbSxa4c0Gw7caBhTge0TuLIm2nEyJGXAjQos5cWZv9OQ3fMpP1TByFVPWjzrRxngxJsJOE7dTysz-EL0WD7ZXOXTIgpVGIMNYhpfhBkHJfEqI5kCjiZVKCbH02gEu4zCgoCDc-M5patmHJb5mtg9tq3G8gurFWAs2ChLDlUxYxhaw9LmOfRcSZKHFHDMAtIrBHntOsIEzFXzNyKlCNLpzQMxcHVtJmeFzqSiqs3PHJVnvZruMo9BUQwISP9cmbILijjuaiDgAGcLKUOzonVmlCGlM3t8oE4ThAqZOvJkkw9plLjUdv0IzUBtopZDEIHAgFdtJ47tRY4k06wa3s7tgh9XfpxlRvma76VYo7eIeExWbe8B8AY7JogbiCxZjKJI9rSdwqk5dxkkdbk-zZwvtDj6eBRLIlhH_CeJJrJDJPU12M92GlSiJOHDQK0R75b0y7swoc6MbBKOkj__8O9ezvoW5s9_ZlBd5s11r4qRuiuSSmbM-8Qz-n5pmVbcyB51qXZoks2eLZZ4dIiZVI89LVVebhDaHNcJ0ROVLnQBE56MFDdjAg-tLCKzwqVr_-LpuG8PZxEV4TzyPppKhki57sEnBi8hjHUwY26YvoTcFqOq2nRIqrY8MTEUtQPisAwfcMkhwhulOd6d1-53MqRmECkdl7d6GbbO9bZbUyNgZ8jSWEJZ6LKkAXF9GbQsfAkS_btZdyJe6xkh8wtY9hI18o-WuZQsPKXaNI7ZwuBO5DJfEAvc7SuVVkK10bCE8rAgDX_EqOD2bURPIC7lpw-2sRUgeFQCM1-iumVSVpqp3ZLIwlcALxn5MMKbwYZ1gCCMrRwLZCL9z1z-VbgS1Bth7G1hlq6g8GJzFwsddTlpt0UYCQTxBpTAxc_AEUMKWp0h-9UCvg8rwP4R9Z1TqdO8lqHh0WEGytWBlr1FtBoxwhRuRryFdxz4rzn9jNtm_I7wUL6YG9B-n2WXuuwPNY4BW_6eKA
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 3C97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVNfNFJRQUVKNTNuY1FCZw==&_test=YS_4RQAEJ53ncQBg

170 B
188 B

18ms
18ms

Image
image/png

216.58.212.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVNfNFJRQUVKNTNuY1FCZw==&_test=YS_4RQAEJ53ncQBg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:37 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630517318.601522,VS0,VE0
x-served-by: cache-fra19125-FRA
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WVNfNFJRQUVKNTNuY1FCZw==&_test=YS_4RQAEJ53ncQBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9CFC 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss12TgwUFeVu3lXxQV7lGJVmYukHpB6L7C4sd1WVjgBQgCAwuAFO2OfS6w_3i6gwbzw-X--VnZuxnDETQr7KwV3fH9k_Su4XAEGRqT6y-Dbvr5zwNtQ&sig=Cg0ArKJSzGX4TDJPY5jDEAE&id=lidar2&mcvt=1001&p=218,795,228,805&asp=218,795,228,805&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210830&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3993282776&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1630517316291&rpt=173&isd=0&lsd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 3C97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=YS_4RQAEJ0fpIwBg
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YS_4RQAEJ0fpIwBg&expires=90&_test=YS_4RQAEJ0fpIwBg

0
239 B

88ms
24ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YS_4RQAEJ0fpIwBg&expires=90&_test=YS_4RQAEJ0fpIwBg
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:37 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630517318.682774,VS0,VE0
x-served-by: cache-fra19125-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YS_4RQAEJ0fpIwBg&expires=90&_test=YS_4RQAEJ0fpIwBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/newscorpau-aud-gqau/log/3/ 0
327 B 15ms
15ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/newscorpau-aud-gqau/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210901-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 8
pragma: no-cache
date: Wed, 01 Sep 2021 17:28:37 GMT
via: 1.1 varnish
server: nginx
x-timer: S1630517318.603937,VS0,VE8
x-served-by: cache-fra19170-FRA
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.gq.com.au
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
content-type: image/gif
x-cache-hits: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 93ms
92ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=b4c60e8b-9210-0dbc-c4d2-c6b76538545d&tv=%7Bc:mZmOSN,pingTime:-10,time:1050,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1630517317117%7C%7C223845dc6054c035891f91ca3398eacc%7C%7C605f01b1409979f1b4f5151f8eefb28a%7C%7Caa08c378f351772c41084d7ef903d52c%7C%7C7dccc8ed296614ce96552cac49689b5d%7C%7C312e05c99a27e42b55bdc5776b7370bf%7C%7Cf32c7841dc846517400575c9390fe19c%7C%7Cc3d7b58efb0fe42a0b02f267d7fa40bb%7C%7C1629390669,sca:%7Bspg:6ea312f6-8ea7-c9b5-f6dd-0a02a13c5a3b%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Server-Name: dt02.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

POST
H2 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 3B17 28 B
197 B 20ms
19ms XHR
application/json 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/c29c59cf/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 120
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/NOyrvdSVTCA
X-YouTube-Client-Version: 1.20210829.0.0
X-YouTube-Time-Zone: Europe/Berlin
X-Goog-Visitor-Id: CgtacEU2VzJiY3ZLVSjD8L6JBg%3D%3D
X-YouTube-Ad-Signals: dt=1630517315453&flash=0&frm=2&u_tz=120&u_his=2&u_java&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug&u_nmime&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C556%2C311&vis=1&wgl=true&ca_type=image&bid=ANyPxKovrMeyJo9gUvteoqiXw94yQo7OJAboNdLyK_j0npiBvEKkiNdbmLagng-XXEXsdC24psh0Vk32BFf_xkb_Dk5-MP33ww

Response headers

date: Wed, 01 Sep 2021 17:28:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Wed, 01 Sep 2021 17:28:37 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 3C97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS_4RQAEJ53ncQBg

43 B
883 B

32ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS_4RQAEJ53ncQBg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 01 Sep 2021 17:28:37 GMT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:37 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630517318.679430,VS0,VE0
x-served-by: cache-fra19125-FRA
x-cache: HIT
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YS_4RQAEJ53ncQBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 3C97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=YS_4RQAEJ0fpIwBg
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYS_4RQAEJ0fpIwBg

43 B
1 KB

19ms
18ms

Image
image/gif

185.33.221.89
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYS_4RQAEJ0fpIwBg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.89 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

719.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 716d34b4-a0ca-42cb-b00d-debc488bf345
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Proxy-Origin: 89.249.64.171; 89.249.64.171; 719.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: dd911686-3871-4c0d-83da-d16bfacc3859
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYS_4RQAEJ0fpIwBg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

sd
us-u.openx.net/w/1.0/ Frame 3C97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YS_4RQAEJ0fpIwBg
https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YS_4RQAEJ0fpIwBg

43 B
61 B

36ms
19ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YS_4RQAEJ0fpIwBg
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.214.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:37 GMT
via: 1.1 google
server: OXGW/16.214.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537148856&val=YS_4RQAEJ0fpIwBg
date: Wed, 01 Sep 2021 17:28:37 GMT
via: 1.1 google
server: OXGW/16.214.0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 97ms
96ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6ea312f6-8ea7-c9b5-f6dd-0a02a13c5a3b&tv=%7Bc:mZmOXt,time:1345,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1345,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:171,wc:0.0.1600.1200,ac:800.47.1.1,am:i,cc:800.47.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1194~0%5D,as:%5B1194~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:97,fm:sHMwuE6+11%7C12%7C13%7C14%7C15%7C16%7C17*.10507%7C171%7C18.10507%7C181%7C19.10507%7C191%7C1a.10507%7C1a1%7C1b.10507%7C1b1%7C1c,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Server-Name: dt02.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 86ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=fc7006b2-7fbb-bb6d-db97-1961661c2924&tv=%7Bc:mZmOY7,time:1383,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1384,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:219,wc:0.0.1600.1200,ac:1126.1149.1.1,am:i,cc:1126.1149.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1171~0%5D,as:%5B1171~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:250,fm:sHMwuE8+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18.10507%7C181%7C19.10507%7C191%7C1a*.10507%7C1a1%7C1b.10507%7C1b1%7C1c,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:37 GMT
X-Server-Name: dt48.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 104ms
104ms Image
image/gif 44.197.35.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=gq.com.au&p=%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&u=CglMToDvcrJ0BN_MCU&d=gq.com.au&g=38302&g0=entertainment.film%20tv.has%20nefflixs%20la%20casa%20de%20papel%20inspired%20real%20life%20money%20heists.news%20story&g1=joseph%20lam&n=1&f=00001&c=0.04&x=0&m=0&y=6184&o=1600&w=1200&j=30&R=1&W=0&I=0&E=2&e=2&r=&b=2034&t=BkklRLGNzbDCbnwfVDVxgD7DK0qOE&V=128&tz=-120&_acct=anon&sn=2&sv=BZhEJpBdmV0_B0m2-MUzT-X298i&sd=1&im=067b0ff2&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.35.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-35-129.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:38 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 87ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=b4c60e8b-9210-0dbc-c4d2-c6b76538545d&tv=%7Bc:mZmOYA,time:1409,type:e,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1409,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:228,wc:0.0.1600.1200,ac:795.218.10.10,am:i,cc:795.218.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1187~0%5D,as:%5B1187~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:94,fm:sHMwuE8+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18.10507%7C181%7C19*.10507%7C191%7C1a.10507%7C1a1%7C1a2%7C1b.10507%7C1b1%7C1c,idMap:19*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:38 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 3C97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS_4RQAEJ0fpIwBg

1 B
412 B

15ms
14ms

Image
text/html

185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS_4RQAEJ0fpIwBg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:37 GMT
cache-control: no-store, no-cache, private
x-lat: amspug019:0:264
server: nginx
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:37 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630517318.991396,VS0,VE0
x-served-by: cache-fra19125-FRA
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YS_4RQAEJ0fpIwBg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 87ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=fc7006b2-7fbb-bb6d-db97-1961661c2924&tv=%7Bc:mZmOYU,pingTime:-10,time:1432,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1630517317117%7C%7C223845dc6054c035891f91ca3398eacc%7C%7C605f01b1409979f1b4f5151f8eefb28a%7C%7Caa08c378f351772c41084d7ef903d52c%7C%7C7dccc8ed296614ce96552cac49689b5d%7C%7C312e05c99a27e42b55bdc5776b7370bf%7C%7Cf32c7841dc846517400575c9390fe19c%7C%7Cc3d7b58efb0fe42a0b02f267d7fa40bb%7C%7C1629390669,sca:%7Bspg:6ea312f6-8ea7-c9b5-f6dd-0a02a13c5a3b%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:38 GMT
X-Server-Name: dt51.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 87ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=4bf0bfe9-aa4f-da0c-43e6-09996c8fd680&tv=%7Bc:mZmOYZ,pingTime:-10,time:1428,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1630517317117%7C%7C223845dc6054c035891f91ca3398eacc%7C%7C605f01b1409979f1b4f5151f8eefb28a%7C%7Caa08c378f351772c41084d7ef903d52c%7C%7C7dccc8ed296614ce96552cac49689b5d%7C%7C312e05c99a27e42b55bdc5776b7370bf%7C%7Cf32c7841dc846517400575c9390fe19c%7C%7Cc3d7b58efb0fe42a0b02f267d7fa40bb%7C%7C1629390669,sca:%7Bspg:6ea312f6-8ea7-c9b5-f6dd-0a02a13c5a3b%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:38 GMT
X-Server-Name: dt51.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 3C97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YS_4RQAEJ0fpIwBg&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YS_4RQAEJ0fpIwBg&img=1&__user_check__=1&sync_id=0b02c874-0b4a-11ec-a246-1a7cb9e30106

43 B
548 B

29ms
29ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YS_4RQAEJ0fpIwBg&img=1&__user_check__=1&sync_id=0b02c874-0b4a-11ec-a246-1a7cb9e30106
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 01 Sep 2021 17:28:38 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 56
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 01 Sep 2021 17:28:38 GMT
Server: nginx
Location: /partner?adv_id=6409&uid=YS_4RQAEJ0fpIwBg&img=1&__user_check__=1&sync_id=0b02c874-0b4a-11ec-a246-1a7cb9e30106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 22
Connection: keep-alive
Content-Length: 0

GET
H2 200 gn
secure-sdk.imrworldwide.com/cgi-bin/ 44 B
562 B 34ms
33ms Image
image/gif 54.194.202.134
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-sdk.imrworldwide.com/cgi-bin/gn?prd=dcr&ci=au-102695&ch=au-102695_b18_entertainment_S&asn=entertainment&fp_id=&fp_cr_tm=&fp_acc_tm=&fp_emm_tm=&ve_id=&sessionId=2cf7quzlbkmuz2x7nlyamnygmam1m1630517316&prv=1&c6=vc,b18&ca=NA&c13=asid,PCB0BEE8B-33E1-4197-9462-D07AD6280E09&c32=segA,NA&c33=segB,NA&c34=segC,DSK-OTT-WinPhn-OtherBrowser&c15=apn,&sup=1&segment2=&segment1=&forward=0&plugv=&playerv=&ad=0&cr=V&c9=devid,&enc=true&c1=nuid,999&at=view&rt=text&c16=sdkv,bj.6.0.0&c27=cln,0&crs=&lat=&lon=&c29=plid,16305173160973900&c30=bldv,6.0.0.602&st=dcr&c7=osgrp,&c8=devgrp,&c10=plt,&c40=adbid,&c14=osver,NA&c26=dmap,1&dd=&hrd=&wkd=&c35=adrsid,&c36=cref1,&c37=cref2,&c11=agg,1&c12=apv,&c51=adl,0&c52=noad,0&pc=NA&c53=fef,n&c54=oad,&c55=cref3,&c57=adldf,2&ai=1630517315779&c3=st,c&c64=starttm,1630517317&adid=1630517315779&c58=isLive,false&c59=sesid,&c61=createtm,1630517318&c63=pipMode,&uoo=&c68=bndlid,&nodeTM=&logTM=&c73=phtype,&c74=dvcnm,&c76=adbsnid,&c44=progen,&davty=0&si=https%3A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&c66=mediaurl,&sdd=retry,~~retryreason,~~devmodel,~~devtypid,~~sysname,~~sysversion,~~manuf,&c62=sendTime,1630517318&rnd=832816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.202.134 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-202-134.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:38 GMT
server: nginx
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-sdk.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

b.php
www.facebook.com/fr/ Frame 3C97
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=YS_4RQAEJ0fpIwBg&t=2592000&o=0

43 B
1 KB

103ms
103ms

Image
image/gif

2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=YS_4RQAEJ0fpIwBg&t=2592000&o=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 10:28:38 PDT
content-encoding: br
x-content-type-options: nosniff
content-security-policy-report-only: default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/;font-src data: *.facebook.com *.fbcdn.net;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;frame-src *.facebook.com *.fbsbx.com;worker-src blob:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: R8ORrDBwnQCAjmqwSPZqgSacBfVMD6xD+DH9SXgzvEU7Igj70npVfpglq7xGC/88WjfvtRfjlWaSPZgj3PP5Ww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coep_report"}
content-type: image/gif
vary: Accept-Encoding
cache-control: public, max-age=0
expires: Wed, 01 Sep 2021 10:28:38 PDT

Redirect headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:38 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1630517318.186254,VS0,VE0
x-served-by: cache-fra19125-FRA
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=YS_4RQAEJ0fpIwBg&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cm
trc.taboola.com/sg/adobe/1/ Frame 3C97 43 B
144 B 17ms
17ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/adobe/1/cm?gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Wed, 01 Sep 2021 17:28:38 GMT
via: 1.1 varnish
server: nginx
x-timer: S1630517318.283912,VS0,VE9
x-served-by: cache-fra19170-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1

200
OK

ibs:dpid=461447&dpuuid=RX-c72b447b-b8e0-40b1-a0a2-c8d2a2aa857f-003
dpm.demdex.net/ Frame 3C97
Redirect Chain

https://sync.1rx.io/usersync/adobe/0?dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D
https://sync.1rx.io/usersync/adobe/0?zcc=1&dspret=1&redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3D%5BRX_UUID%5D&cb=1630517318417
https://sync.targeting.unrulymedia.com/csync/RX-c72b447b-b8e0-40b1-a0a2-c8d2a2aa857f-003?redir=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D461447%26dpuuid%3DRX-c72b447b-b8e0-40b1-a0a2-c8d2a2aa857f-003
https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-c72b447b-b8e0-40b1-a0a2-c8d2a2aa857f-003

42 B
945 B

34ms
34ms

Image
image/gif

52.48.145.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-c72b447b-b8e0-40b1-a0a2-c8d2a2aa857f-003

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.48.145.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-48-145-41.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://newscorpau.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v015-0d2173653.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: KzdYtmnvTbw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=461447&dpuuid=RX-c72b447b-b8e0-40b1-a0a2-c8d2a2aa857f-003
date: Wed, 01 Sep 2021 17:28:38 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXc72b447bb8e040b1a0a2c8d2a2aa857f003
content-type: text/html

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 2 KB
1 KB 8ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20210901-6-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id: iYtYacMlAb7PnD4NbVgysKvLj2fov4iK
content-encoding: gzip
etag: "3aa74dbf5cd656dbb65deda2d238ddbd"
age: 3226
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 911
x-amz-id-2: qQheTKeQES6bMdCZ/EuMmRskbiEN65W4DOuEKpUxChRbjEcyJKpTEG2fJKFHmn2GKELuYHBGLWM=
x-served-by: cache-fra19170-FRA
last-modified: Wed, 14 Jul 2021 05:06:01 GMT
server: AmazonS3
x-timer: S1630517319.584032,VS0,VE0
date: Wed, 01 Sep 2021 17:28:38 GMT
vary: Accept-Encoding
x-amz-request-id: X0T5G34XC8D2QGE8
via: 1.1 varnish
cache-control: private, max-age=3600
accept-ranges: bytes
content-type: application/javascript
abp: 79
x-cache-hits: 16581

GET
H2 200 / Show response
pips.taboola.com/ 64 B
239 B 20ms
5ms XHR
text/plain 2a04:4e42:3::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:3::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 01 Sep 2021 17:28:38 GMT
via: 1.1 varnish
server: Varnish
x-served-by: cache-fra19127-FRA
access-control-allow-methods: GET
access-control-allow-origin: https://www.gq.com.au
cache-control: no-store
x-cache: HIT
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H/1.1 204
No Content / Show response
cds.taboola.com/ 0
155 B 266ms
90ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=905555ef-104a-44dc-b0d0-5c0a53a1aab2-tuct8293dc4&uad=88fe5298c7fea4f29eb9f5eecd3ca68f39c1a33001a95f1237681695a706b75d
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 01 Sep 2021 17:28:38 GMT
Cache-Control: no-store
Server: nginx
Connection: close

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 86ms
86ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=6ea312f6-8ea7-c9b5-f6dd-0a02a13c5a3b&tv=%7Bc:mZmQ00,time:5346,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5346,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:171,wc:0.0.1600.1200,ac:800.47.1.1,am:i,cc:800.47.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5196~0%5D,as:%5B5196~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:100,fm:sHMwuE6+11%7C12%7C13%7C14%7C15%7C16%7C17*.10507%7C171%7C18.10507%7C181%7C19.10507%7C191%7C1a.10507%7C1a1%7C1b.10507%7C1b1%7C1c,idMap:17*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:41 GMT
X-Server-Name: dt51.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 86ms
85ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=fc7006b2-7fbb-bb6d-db97-1961661c2924&tv=%7Bc:mZmQ0F,time:5385,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5385,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:219,wc:0.0.1600.1200,ac:1126.1149.1.1,am:i,cc:1126.1149.1.1,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5173~0%5D,as:%5B5173~1.1%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:89,fm:sHMwuE8+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18.10507%7C181%7C19.10507%7C191%7C1a*.10507%7C1a1%7C1b.10507%7C1b1%7C1c,idMap:1a*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:41 GMT
X-Server-Name: dt51.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ 43 B
301 B 92ms
92ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=10507&asId=b4c60e8b-9210-0dbc-c4d2-c6b76538545d&tv=%7Bc:mZmQ19,time:5412,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fif:1,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:5412,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:228,wc:0.0.1600.1200,ac:795.218.10.10,am:i,cc:795.218.10.10,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B5190~0%5D,as:%5B5190~10.10%5D%7D%7D%5D,slEventCount:1,em:true,fr:true,e:,tt:jload,dtt:88,fm:sHMwuE8+11%7C12%7C13%7C14%7C15%7C16%7C171%7C172%7C18.10507%7C181%7C19*.10507%7C191%7C1a.10507%7C1a1%7C1a2%7C1b.10507%7C1b1%7C1c,idMap:19*,rmeas:1,rend:0,renddet:IMG.us%7D&br=u
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 01 Sep 2021 17:28:42 GMT
X-Server-Name: dt39.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H2 200 ping
ping.chartbeat.net/ 43 B
200 B 103ms
103ms Image
image/gif 44.197.35.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=gq.com.au&p=%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe&u=CglMToDvcrJ0BN_MCU&d=gq.com.au&g=38302&g0=entertainment.film%20tv.has%20nefflixs%20la%20casa%20de%20papel%20inspired%20real%20life%20money%20heists.news%20story&g1=joseph%20lam&n=1&f=00001&c=0.25&x=0&m=0&y=6184&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=3&r=&b=2034&t=BkklRLGNzbDCbnwfVDVxgD7DK0qOE&V=128&tz=-120&_acct=anon&sn=3&sv=BZhEJpBdmV0_B0m2-MUzT-X298i&sd=1&im=067b0ff2&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.35.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-35-129.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://www.gq.com.au/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Sep 2021 17:28:50 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

Verdicts & Comments Add Verdict or Comment

261 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

19 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-20 01:14:29	Name: dextp Value: 771-1-1630517316640\|903-1-1630517316756\|19566-1-1630517316863\|23728-1-1630517316963\|30432-1-1630517317068\|30064-1-1630517317169
.gigya.com/	1970-01-20 05:40:53	Name: ucid Value: mKjyVL31rtCSr9xlqYJRvw
.gigya.com/	1970-01-20 05:40:53	Name: gmid Value: gmid.ver4.AcbH5_sBKg.kHDy39WFlFR0rRdau9opH8dP74MBCdca-1HYo9PIS0AXoK_Y9JO16LaIgCpRxjIk.1GvgL5Afha6VB00e3WmpTHpAYvIYEsKPlFx1a_CPWy8j-0LgjN3kuaqW4wvvAMkqkP0vEop1w0p9mjl2VKQtGg.sc3
.gq.com.au/	1969-12-31 23:59:59	Name: s_ppv Value: https%253A%2F%2Fwww.gq.com.au%2Fentertainment%2Ffilm-tv%2Fhas-nefflixs-la-casa-de-papel-inspired-real-life-money-heists%2Fnews-story%2F37feda706e2193b852cba885010c71fe%2C19%2C19%2C1200
.gq.com.au/	1969-12-31 23:59:59	Name: s_cc Value: true
.gq.com.au/	1969-12-31 23:59:59	Name: tp Value: 6184
.gq.com.au/	1970-01-19 20:55:19	Name: s_ppn Value: no%20value
.gq.com.au/	1970-01-19 21:38:29	Name: s_nr Value: 1630517317062-New
.demdex.net/	1970-01-20 01:14:29	Name: demdex Value: 55909799649846419070342463677448021831
.gq.com.au/	1970-01-20 14:26:29	Name: AMCV_5FE61C8B533204850A490D4D%40AdobeOrg Value: -637568504%7CMCIDTS%7C18872%7CMCMID%7C76447737938200552981534748364879074200%7CMCAAMLH-1631122117%7C6%7CMCAAMB-1631122117%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1630524517s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18879%7CMCCIDH%7C0%7CvVersion%7C5.1.1
.gigya.com/	1970-01-20 01:15:52	Name: hasGmid Value: ver4
.gq.com.au/	1969-12-31 23:59:59	Name: AMCVS_5FE61C8B533204850A490D4D%40AdobeOrg Value: 1
.gq.com.au/	1970-01-20 05:40:53	Name: gig_bootstrap_3_oj8nT6pLj0RTuSjcynrMADEj9iLj5-Aa25sGTeUNKXRbGU349nJtvYR7PoPq-Z9O Value: _gigya_ver4
www.gq.com.au/	1970-01-20 05:40:53	Name: trc_cookie_storage Value: newscorpau-aud-gqau%253Asession-data%3Dv2_650b2b730b069f1e203b48bbca1c4eb5_905555ef-104a-44dc-b0d0-5c0a53a1aab2-tuct8293dc4_1630517316_1630517316_CNawjgYQmIhIGKqXn5O6LyABKAEwODib4wlA_4kQSOOG2ANQpuwQWABgAGj9wYbU7pDul8cBcAA%7Ctaboola%2520global%253Alocal-storage-keys%3D%255B%2522newscorpau-aud-gqau%253Asession-data%2522%252C%2522taboola%2520global%253Auser-id%2522%255D%7Ctaboola%2520global%253Auser-id%3D905555ef-104a-44dc-b0d0-5c0a53a1aab2-tuct8293dc4
www.gq.com.au/	1970-01-19 20:55:19	Name: _tb_t_ppg Value: https%3A//www.gq.com.au/entertainment/film-tv/has-nefflixs-la-casa-de-papel-inspired-real-life-money-heists/news-story/37feda706e2193b852cba885010c71fe
.gq.com.au/	1970-01-19 20:55:19	Name: s_gdslv_s Value: First%20Visit
.gq.com.au/	1970-01-20 23:12:05	Name: s_gdslv Value: 1630517317063
www.gq.com.au/	1970-01-19 20:55:19	Name: _tb_sess_r Value:
www.gq.com.au/	1970-01-23 12:31:17	Name: _ncg_gigya_details Value: %7B%22user_id%22%3A%22%22%2C%22user_provider%22%3A%22gigya%22%7D

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://tags.tiqcdn.com/utag/newsltd/gq/prod/utag.js(Line 8) Message: UTRACK loaded (from tealium)
console-api	log	URL: https://tags.news.com.au/prod/tad/tad.js(Line 5) Message: AD CORE ERROR: TypeError: Cannot read property 'disc.segments' of null
console-api	log	URL: https://tags.news.com.au/prod/tad/tad.js(Line 5) Message: AD CORE ERROR: 17 function(e,a){var t=e.localStorage;t["disc.segments"]&&(a.ad_audi_segs=t["disc.segments"].split(",")\|\|[])}
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js(Line 6) Message: [GPT] Invalid arguments: PubAdsService.setTargeting('adl', false).
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021082701.js(Line 6) Message: [GPT] Invalid arguments: PubAdsService.setLocation(50.12).
console-api	log	URL: https://cdn.taboola.com/libtrc/impl.20210901-6-RELEASE.js(Line 3) Message: Exit TRCRBox.loadScriptCallback(retry=0): no items in response - native-thumbs-a
console-api	error	URL: https://cdns.gigya.com/JS/gigya.js?apikey=3_oj8nT6pLj0RTuSjcynrMADEj9iLj5-Aa25sGTeUNKXRbGU349nJtvYR7PoPq-Z9O(Line 63) Message: TypeError: Cannot read property 'setItem' of null
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.12.js(Line 32) Message: a: 0.001953125 ms

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Security-Policy	block-all-mixed-content; style-src https: 'unsafe-inline'; script-src https: blob: 'unsafe-inline' 'unsafe-eval'; img-src https: data:; frame-src https:; report-uri https://collectors.au.sumologic.com/receiver/v1/http/ZaVnC4dhaV2fq-TmkezxDM5kD77zglzTUyrlNqPe059oQhlSBcEFmaLaBbMi5G2BkSSJjyA6wJZ-iUDLrux0ATja4lHZr94sfyyTtdVcA_GiHULLYxFY7Q==
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2cf7quzlbkmuz2x7nlyamnygmam1m1630517316.nuid.imrworldwide.com
accounts.au1.gigya.com
adservice.google.com
adservice.google.de
am-trc-events.taboola.com
au.tags.newscgp.com
beacon.krxd.net
cdn-gl.imrworldwide.com
cdn.adsafeprotected.com
cdn.taboola.com
cdns.au1.gigya.com
cdns.gigya.com
cds.taboola.com
cm.everesttech.net
cm.g.doubleclick.net
content.api.news
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
dt.scanscout.com
ffbb7f2d4085dc9b8246ac046f570f76.safeframe.googlesyndication.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
image2.pubmatic.com
image5.pubmatic.com
log.outbrainimg.com
match.adsrvr.org
metrics.gq.com.au
newscorpau.demdex.net
origin.go.gq.com.au
pagead2.googlesyndication.com
ping.chartbeat.net
pips.taboola.com
pixel.adsafeprotected.com
pixel.rubiconproject.com
pixel.wp.com
ps.eyeota.net
s.w.org
sb.scorecardresearch.com
secure-gl.imrworldwide.com
secure-sdk.imrworldwide.com
securepubads.g.doubleclick.net
ssum.casalemedia.com
static.adsafeprotected.com
static.chartbeat.com
static.doubleclick.net
stats.wp.com
sync-tm.everesttech.net
sync.1rx.io
sync.search.spotxchange.com
sync.targeting.unrulymedia.com
tags.bluekai.com
tags.news.com.au
tags.tiqcdn.com
tcheck.outbrainimg.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
us-u.openx.net
usermatch.krxd.net
widget-pixels.outbrain.com
widget.perfectmarket.com
widgets.outbrain.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gq.com.au
www.gstatic.com
www.instagram.com
www.youtube.com
yt3.ggpht.com
104.111.215.191
104.244.36.20
13.248.242.197
13.32.121.17
13.32.121.26
141.226.224.32
141.226.228.48
142.250.181.226
15.188.95.229
151.101.13.181
151.101.13.44
151.101.14.49
172.217.16.130
18.203.33.226
18.66.112.31
184.30.24.194
185.33.221.89
185.64.189.110
185.94.180.126
192.0.76.3
192.0.77.48
199.127.207.182
2.18.232.28
2.18.233.169
2.18.233.180
2.18.233.28
2.18.234.190
2.18.234.21
2.18.234.36
2001:678:cb4:bbbb::13
213.19.147.44
213.19.147.45
216.58.212.130
2600:9000:223c:5c00:1e:a43d:b640:93a1
2600:9000:223f:7c00:1d:667e:2a40:93a1
2600:9000:2240:4800:2:42d9:3100:93a1
2600:9000:2240:800:18:1fcd:34f:cdc1
2a00:1450:4001:801::2002
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2006
2a00:1450:4001:828::2003
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2016
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2004
2a03:2880:f11c:8083:face:b00c:0:25de
2a03:2880:f21c:80e5:face:b00c:0:4420
2a04:4e42:3::300
2a04:fa87:fffd::c000:42b8
34.248.191.66
34.98.64.218
44.197.35.129
52.48.145.41
52.49.37.161
52.50.243.239
52.57.150.20
52.62.232.61
52.70.197.1
54.194.202.134
54.72.203.75
69.173.144.138
69.173.144.165
70.42.32.159
0004674b19a0f40b4a87e340894da0d8433c52bc6c122490a72d4857a037d682
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf5690bfc2df1a7da94594930825059f27949af60ec76b44b404e68d70b6806
0c077ffe580116935cc2e91a2b87e79806c0caae2aebc0c22af9a2f59c4d7ea2
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0e757799f0b1691d87ade77747b6761cc829fd69137b7673361c8d931928fdc3
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
1168286c4346f33baedfe9d7e7781953cd2969d289cfe060c3294207b0ff0258
14bbcee708f32f6e654872143051c280531e049011293f38b724df12cc4d7e6d
1b1768e07db6e9e71d168700bdd75d938cb45ddd4baea525d0624709dfe1b49f
1fea155b68a3e8af068ebe3dbe3193a0ecff504373860cb9593c9deb0a45494d
21e8e115180fe39141918de87d132bd4e974c8f49513485a054633e658258a05
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
294756ab620d8be581a903a8ccb3f9de4c3406b9d6f3bb724be96bc971ec18b9
2977f1e96ff27416b97b243a3eaf8e0d7c3c785d3b60afcf69203894d44bc8d3
2a87453753b5611e7806718ec99a837dc8068d9eb20b4b6b3bb0d38ee2bd84d4
2afcabe2eb6314148dfd9dfdec1333b973d97d0780cc08fddab8501afbb013e9
30ede199ce1ba234d15ef2d52597da2d4191a0c6d814ff55b4b7d7d3ab573392
318b47c0042bbc1bdee2d50b37d8d8b1c2a592978855b9de235dbd1a23ecbab8
3679d93f32c8a4019b71cd695be75acfcb43ef2ec7c728e45477a379909be8cd
38a19e94d058277f6fadcfda51d2ba5612c9ca4367c247e1c21bcdba33947e2d
397e6540378a195608cbd601f809c0c96b3ae9253fffeaf070769a8272838ad7
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
42a8837dbd43d015d769f0bf7fe2266207df9f244123b1ae7c9705f61ddea211
44119fd23818c33b6cdbb8d69c8ebb03c9a641810b5ce44cda7c49575123f258
47b2e4e5ae504cbefc5c71d8bab25c4571c65321f1009411150b689dcc2901f5
4aa6ae8759df27ee4f6df50f5e535cfd75ac7477a286a22647de5951f1955ee0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4df1680766bbc95546136b461b0e752cc113d9b7d54602443df92181e63f42fe
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fa646a4dbc10513ddeb70561789483638faf456e15186f4eb7291c5c455cbb6
516077519eede0118b61867968f7298201b7575c9fc9998f72afc52cfde44d04
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55e4952be9599ffd0c411a904a954ac984ed919d612ac2c044545a373aebd1f8
573306605c3186264c33d46e94e202171ad033bb06188610c1b33d24307e9221
58536f661fb04e243a1f39cca2557df0cadd6dc8c41b2f64c94473a78504aa35
5bad1b1121b3136928e666df1e759758bb3a6aa2ca4e09cd11462b6be758838f
5d645f9c0988efcfc7eeba0c89ae3876a1484a88b1f86183cde76883844aa4c8
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5fdc0b4ddf7e9486b5a149158aac1963a96eae4652602e4e4369a80b6254b66b
632f0985c1fa5aed6fbd406923c2d25987f382219b72412e1d7e4d6bdbd1bd7d
65c4731687298cd472f31c9cb9826b00f17ff00c89d6f1f7cea9a058b449200e
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
691a0943f972efd33176d858eae062bbfc14514e541ebf35a7c4873040ce69da
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6addda3cba0f775f7106f7d97104b96e1924f67eba02b15a0ab30246e745715a
6ca9d7cd5e3949605bad885b731ea9f658021597cc00dd3dc1b94598d409807a
6e68989f82549929bc73187be7a746aa6e76da689496596eea814bd740846a92
6fe77418e833f1ddfcf701ba7b6ebbd24efd2e93bce56065e0f1e711b1d829f8
720dbb7a8a9367b0740499170a849dbc9008f073652f850a76b9fa7597eea6bb
7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c
7236f2be2a7172e942a8401bcc8c6c6969d816e6a7ce4fcaa65347222f95f855
72db3a87909272a328d3f3340314c833418a176bf38e60b07a7c4c3c55faa852
75481bc06d1b02e50fd1cc921a7838e3af6caa9b8c0745b50182ebf29f195e20
7b72ea4aed9fd321b5bd1ee58076919c5ea0d2062ec4c7c651c114a7bce7a7c6
7bdda1d91d319d896018c082d43fca3eb3d8f68d8af937642baf8fb130ca7b4d
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7e94948cecae771c4877a3192e9549991e73794da83fc7a74211149ac1f330d0
7eb080eb46db07dac4eb7634268a208a357f1606ea2bfbdd174a55c81f8423d3
7faef21187e15aefd3d8a5a585ca32c66358f597a97f5abd276517eaea1057d3
802ca9fdab7c9e8625dbed1d121e35c774375707ffd2c1ad91c005fdfe4c4538
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
83aba90a479fac6e505eaf030bc8ad6f9e7a0cb2887edcbe65e5dafd2758c5e3
84b2051c012ad6cb45b30bee85f013ee273962cf42ceba1a4406947bf61655e5
88c7beaf6b852303169388018ca5ecfb79a44fafed5bedd633d34469a846a00f
8a590917d80f9162dc18089a14a9a21a0a1264854908ce6f5314591319f89d75
8b510b00b04bec88beb654a232c4086fa128f2bbcf2ecfb3ffc842e067398570
91b207c73c62ff76a1bb8c673a3166edc114347e5ea0248ed942b121ea253675
91de48b730b3fd4cf59e41c89c8408bb37429d3a76ef2f38eb6b7d5e7dd3a284
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
937feed71ffd28d1ec7d206fb85a997faa808ea562dbdace67adb4f2e6f2cd12
949a03bee7d03a38d36b7f3bd7823b4d6714bfb4116484d2f095d625746fb4e3
9973d4837254463d18af1f1fa3d201f5c46270b8516e1d1fa0886e14e1c39334
9b98042dcae55ae619759dd01e263f79971df676fbf93e7c9f4587393d5644b5
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a45c1e76d192f70d375bed09a1efb7381b3c9e42ba9491ad4da8bf4f208ec3b6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a53b289843b15d58a9574645ea05db23c5dd6663fc5e39f5c61528ae13de22f5
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a68098bde738b22639922e889230e777444f98da16b2777251af5b0dc5385a1b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a76ad90ce0d296d29806d222bd3f851d801fcbc5585324b06a659016214f3d08
b12e040aded4771f0bcb46f2285cac0e7ab60098e31ebca8d8b148fbfebc3c89
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b35a8fc1c00edbc9ae60c306c4cdfe48e0c0a73f3fc20f4455ab063418fff495
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b61dc6461c617cdbe7f1e6711a980c6cd76cd4402ef7f40d54991e6493a16633
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b8d54469be918f4a8dee30d099dc5bcce1eb96307d53c68e6e4fac7f1e7b1783
b92ad0a4155446d073295a68374ed61c1e64b2f6f7195bb1c077febc44cc2e68
bc737a01a72ef54ff0decd38e4ada36dad376930b764cabfad012682cdc262ae
bfa67e2ce103d04234fa84f7595c316d23f46eed219683f06e264fb27dc91637
bfb5489b02532c38719f160c9b65d3e5540a5c9a3bafb5ad94a725f1d3293444
c1ca15aa8598ac972f25c8812a1c189cd22f8926ec7b890bc8ea6a70a7779fd1
c234d3a6e7ff0a41542220e1202ea768bffeca48680c47de404653fa040a9c7c
c71925a466382b81b248c749e6f3298da9b911a97ee2a84dfe22239f8147ced1
c7770d54f662d542948f1b2a7351cb4643006e0f1cb60bb99dfb88fcba8b532c
c8dff6556ef21c63534bea2588dae5f528ea6cbac90836c0f85d1bc43297352f
c9fee604aa001e509a985a12bf93bc7cd45194df0e51893cd4ead393d1c04931
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d011fec891e4e7af8c7901fd7c25f7831bfc0d931b6ac9754c1b214ab2ab39bb
d160b7999ef36a6814e7e673a78ee2388f00131908cf533155005798db86cfff
d279869d3d02129f07b024581bf1ace829d253288b9d8857b2b2a6e7777721a3
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dd5042c5032e15e7e537795d9d7213ed842dc3c40f9bedc896ec5fa4af157f47
dd97c97147d141d2b4724fee75b06ee78877f8041ba4ce131fd45d117b78fe90
ddb7696d6d6af196822175ea28f0d4a8e12397d4ab3d3ef99ef1f6bf8410dda7
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
de93b456f0009a0250728db5300aeb160f02f74acf940a0579e4eb6f8e6f4ff2
def2e3026c60a959c6076dc3731bd2651cb04848efe5233be1e180dddc6b286e
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df15cf4481e505bc8c584dd98860101d285ddf9c0f3ce05f5f650b54cd81335a
e085a26eb51afeafde34e90158819cf99128beef358b4d83f897356b2edf71e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6df711875f42225884659bc20390832b499a9becef8d1e257360380e51ebeaa
e74b0814da007dbdb576846ebe32c0c7abff1d41cbd11372a4b68d5a84b51402
e891f08b9fc6dc0214069beaf7714b2508b2bf88c22e65db5c8da2ba277d5637
e909c80d84b3562dbf1797139c797eac8e91b11cfe94e96af9bdaaf7bbf53a56
ea622fea1b04e191a921831f919f8891280d18a83301a3359f6b5133584722a4
ebcfb8b26e00d03e8ce6b14ccb7aa138ceed8ba204d3c38c85933575578c4dd9
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ee7d7b8f826dac2825f3dc5bed85beca8206075c83e5f4c43302601917debb5c
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f309b7c03d9cae63a9bedbee6ed655f3dbcdb194132943639344dead5f3b9710
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f8f7cfeaeceac7a3987e0bb743deb5698f4c3f8ca7d3f9694765d12748d616be
fb09d90dbc4d3671b24854bdcd686eb875b45d65f987264c986c5a1d557ad328
fd99192ea5db6810e236fe68153b3e1407e6a564ac3d853d0272aac6065eabd1
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.gq.com.au Open in urlscan Pro 2.18.233.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

222 Requests

100 %HTTPS

39 %IPv6

46 Domains

77 Subdomains

65 IPs

7 Countries

4095 kBTransfer

10240 kBSize

19 Cookies

20 Outgoing links

Page URL History

Redirected requests

222 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.gq.com.au Open in urlscan Pro
2.18.233.28 Public Scan

Screenshot
Live screenshot

Full Image

222
Requests

100 %
HTTPS

39 %
IPv6

46
Domains

77
Subdomains

65
IPs

7
Countries

4095 kB
Transfer

10240 kB
Size

19
Cookies

222 HTTP transactions
8 data transactions