www.vicnews.com Open in urlscan Pro
18.66.139.106 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.vicnews.com/
Effective URL:
https://www.vicnews.com/
Submission: On January 14 via manual (January 14th 2022, 1:44:52 pm UTC) from GB — Scanned from GB

Summary HTTP 313 Redirects Links 55 Behaviour Indicators

Summary

This website contacted 57 IPs in 7 countries across 45 domains to perform 313 HTTP transactions. The main IP is 18.66.139.106, located in United States and belongs to AMAZON-02, US. The main domain is www.vicnews.com. The Cisco Umbrella rank of the primary domain is 735538.
TLS certificate: Issued by Amazon on December 13th 2021. Valid for: a year.

This is the only time www.vicnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	18.66.139.106 18.66.139.106	16509 (AMAZON-02) (AMAZON-02)
38	94.31.29.99 94.31.29.99	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
1	18.66.97.8 18.66.97.8	16509 (AMAZON-02) (AMAZON-02)
1 3	34.249.68.36 34.249.68.36	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	151.101.1.194 151.101.1.194	54113 (FASTLY) (FASTLY)
6	104.111.214.80 104.111.214.80	16625 (AKAMAI-AS) (AKAMAI-AS)
2	146.148.100.136 146.148.100.136	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::622	54113 (FASTLY) (FASTLY)
1	2600:9000:225... 2600:9000:225e:dc00:1:a3fa:7cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:223... 2600:9000:223c:4600:18:1fcd:34f:cdc1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
11	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2600:9000:224... 2600:9000:2240:4800:16:8147:1b00:93a1	16509 (AMAZON-02) (AMAZON-02)
35	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	66.209.187.158 66.209.187.158	40438 (CANHOST-INC) (CANHOST-INC)
5	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	34.235.184.233 34.235.184.233	14618 (AMAZON-AES) (AMAZON-AES)
9	2606:4700:303... 2606:4700:3030::ac43:8fe0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2600:9000:223... 2600:9000:223e:200:13:a391:88c0:21	16509 (AMAZON-02) (AMAZON-02)
1	13.32.99.68 13.32.99.68	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
10	2606:4700:303... 2606:4700:3032::ac43:cb69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.66.122.126 18.66.122.126	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2016	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80e::2006	15169 (GOOGLE) (GOOGLE)
1	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	199.187.193.166 199.187.193.166	47043 (SMARTADSE...) (SMARTADSERVER)
1 2	2600:1f18:612... 2600:1f18:612b:4200:2a91:c38f:5261:5805	14618 (AMAZON-AES) (AMAZON-AES)
1 1	8.2.111.137 8.2.111.137	46636 (NATCOWEB) (NATCOWEB)
1	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	8.39.36.142 8.39.36.142	26667 (RUBICONPR...) (RUBICONPROJECT)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.243.146 162.247.243.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.208.138.90 52.208.138.90	16509 (AMAZON-02) (AMAZON-02)
1	18.198.109.212 18.198.109.212	16509 (AMAZON-02) (AMAZON-02)
1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.171.124.114 35.171.124.114	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	35.156.119.137 35.156.119.137	16509 (AMAZON-02) (AMAZON-02)
313	57

2 18.66.139.106 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-139-106.fra60.r.cloudfront.net

www.vicnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 94.31.29.99 (United Kingdom)

ASN33438 (HIGHWINDS2, US)
PTR: 94.31.29.99.IPYX-077437-ZYO.above.net

4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-8.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.249.68.36 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-68-36.eu-west-1.compute.amazonaws.com

ad.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.1.194 (United States)

ASN54113 (FASTLY, US)

includemodal.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.111.214.80 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-214-80.deploy.static.akamaitechnologies.com

oap.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vortex.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.accuweather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 146.148.100.136 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 136.100.148.146.bc.googleusercontent.com

www.canadianevergreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.westcoasttraveller.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::622 (United States)

ASN54113 (FASTLY, US)

image.issuu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225e:dc00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

content.jwplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:4600:18:1fcd:34f:cdc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2240:4800:16:8147:1b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

files.dosomegood.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 66.209.187.158 (Kelowna, Canada)

ASN40438 (CANHOST-INC, CA)
PTR: host-66-209-187-158.canhost.ca

api.dosomegood.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.ie	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8079f97ae1267478f6b9229d87fa84ef.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.235.184.233 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-235-184-233.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3030::ac43:8fe0 (United States)

ASN13335 (CLOUDFLARENET, US)

media.volinspire.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:223e:200:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3plfjw9uod7ab.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.68 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-68.fra60.r.cloudfront.net

static.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2606:4700:3032::ac43:cb69 (United States)

ASN13335 (CLOUDFLARENET, US)

analyticssystems.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.122.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-126.fra60.r.cloudfront.net

sb.freeskreen.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)

ww1772.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.79.143.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.187.193.166 (Canada) 1 redirects

ASN47043 (SMARTADSERVER, CA)

sync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4200:2a91:c38f:5261:5805 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

scm.publishers.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.2.111.137 (United States) 1 redirects

ASN46636 (NATCOWEB, US)

cs.admanmedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadeu.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.39.36.142 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-west.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.146 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.208.138.90 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.109.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

sync.sharethis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.171.124.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-171-124-114.compute-1.amazonaws.com

thrtle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.119.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-119-137.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 175 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 static.doubleclick.net — Cisco Umbrella Rank: 341	356 KB
39	googlesyndication.com a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 127 8079f97ae1267478f6b9229d87fa84ef.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 94	250 KB
38	netdna-ssl.com 4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com	1 MB
14	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 245	705 KB
14	gstatic.com fonts.gstatic.com www.gstatic.com	68 KB
13	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 258 fonts.googleapis.com — Cisco Umbrella Rank: 37	33 KB
11	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
11	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 151	397 KB
10	analyticssystems.net analyticssystems.net — Cisco Umbrella Rank: 8550	5 KB
10	cloudfront.net d3plfjw9uod7ab.cloudfront.net	281 KB
10	google.com www.google.com — Cisco Umbrella Rank: 8 adservice.google.com — Cisco Umbrella Rank: 69	16 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	731 KB
9	volinspire.com media.volinspire.com	270 KB
6	dosomegood.ca files.dosomegood.ca api.dosomegood.ca	902 KB
6	accuweather.com oap.accuweather.com — Cisco Umbrella Rank: 41395 vortex.accuweather.com — Cisco Umbrella Rank: 20570 www.accuweather.com — Cisco Umbrella Rank: 11384	97 KB
6	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	212 KB
5	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 906 eus.rubiconproject.com — Cisco Umbrella Rank: 503 token.rubiconproject.com — Cisco Umbrella Rank: 583 pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 4017	11 KB
5	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3303 adservice.google.co.uk — Cisco Umbrella Rank: 5259	2 KB
4	crwdcntrl.net 1 redirects tags.crwdcntrl.net — Cisco Umbrella Rank: 1395 ad.crwdcntrl.net — Cisco Umbrella Rank: 6331 bcp.crwdcntrl.net — Cisco Umbrella Rank: 538	14 KB
3	smartadserver.com 1 redirects ww1772.smartadserver.com — Cisco Umbrella Rank: 45547 sync.smartadserver.com — Cisco Umbrella Rank: 2718	854 B
3	freeskreen.com static.freeskreen.com — Cisco Umbrella Rank: 39510 sb.freeskreen.com — Cisco Umbrella Rank: 31559	32 KB
3	twitter.com platform.twitter.com — Cisco Umbrella Rank: 546 syndication.twitter.com — Cisco Umbrella Rank: 767	132 KB
2	tremorhub.com 1 redirects scm.publishers.tremorhub.com — Cisco Umbrella Rank: 45425	467 B
2	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 112	46 KB
2	vicnews.com 1 redirects www.vicnews.com — Cisco Umbrella Rank: 735538	37 KB
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 371	416 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 279	417 B
1	thrtle.com thrtle.com — Cisco Umbrella Rank: 964
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 402	304 B
1	sharethis.com sync.sharethis.com — Cisco Umbrella Rank: 2485	232 B
1	ml314.com ml314.com — Cisco Umbrella Rank: 1202	422 B
1	nr-data.net bam-cell.nr-data.net — Cisco Umbrella Rank: 327	715 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 320	13 KB
1	google.ie adservice.google.ie — Cisco Umbrella Rank: 93432	792 B
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 224	4 KB
1	exelator.com loadeu.exelator.com — Cisco Umbrella Rank: 7330	324 B
1	admanmedia.com 1 redirects cs.admanmedia.com — Cisco Umbrella Rank: 1882	444 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 960	201 B
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1071	14 KB
1	jwplatform.com content.jwplatform.com — Cisco Umbrella Rank: 3059	42 KB
1	issuu.com image.issuu.com — Cisco Umbrella Rank: 195678	32 KB
1	westcoasttraveller.com www.westcoasttraveller.com	120 KB
1	canadianevergreen.com www.canadianevergreen.com	80 KB
1	fastly.net includemodal.global.ssl.fastly.net — Cisco Umbrella Rank: 22927	34 KB
0	yahooapis.com Failed query.yahooapis.com Failed
313	45

	Domain	Requested by
38	4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com	www.vicnews.com 4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com
35	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.vicnews.com a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
20	tpc.googlesyndication.com	securepubads.g.doubleclick.net a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com tpc.googlesyndication.com www.vicnews.com
14	s0.2mdn.net	a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com s0.2mdn.net
12	fonts.googleapis.com	srcdoc
12	fonts.gstatic.com	www.youtube.com fonts.googleapis.com
11	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
11	www.googletagservices.com	www.vicnews.com securepubads.g.doubleclick.net a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
10	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.vicnews.com tpc.googlesyndication.com www.googletagservices.com
10	analyticssystems.net	www.vicnews.com a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
10	d3plfjw9uod7ab.cloudfront.net	securepubads.g.doubleclick.net a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
9	www.youtube.com	files.dosomegood.ca www.youtube.com
9	media.volinspire.com	www.vicnews.com
8	a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
8	www.google.com	www.vicnews.com securepubads.g.doubleclick.net www.youtube.com tpc.googlesyndication.com
6	www.googletagmanager.com	www.vicnews.com www.googletagmanager.com
5	stats.g.doubleclick.net	www.google-analytics.com
4	www.google.co.uk	www.vicnews.com
4	files.dosomegood.ca	www.vicnews.com files.dosomegood.ca
4	vortex.accuweather.com	oap.accuweather.com vortex.accuweather.com www.vicnews.com
2	bcp.crwdcntrl.net	1 redirects tags.crwdcntrl.net
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	scm.publishers.tremorhub.com	1 redirects www.vicnews.com
2	sync.smartadserver.com	1 redirects www.vicnews.com
2	eus.rubiconproject.com	sb.freeskreen.com eus.rubiconproject.com
2	i.ytimg.com	www.vicnews.com www.youtube.com
2	sb.freeskreen.com	static.freeskreen.com www.vicnews.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	api.dosomegood.ca	files.dosomegood.ca
2	platform.twitter.com	www.vicnews.com platform.twitter.com
2	www.vicnews.com	1 redirects
1	aa.agkn.com	bcp.crwdcntrl.net
1	idsync.rlcdn.com	bcp.crwdcntrl.net
1	thrtle.com	bcp.crwdcntrl.net
1	tags.bluekai.com	bcp.crwdcntrl.net
1	sync.sharethis.com	bcp.crwdcntrl.net
1	ml314.com	bcp.crwdcntrl.net
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.vicnews.com
1	pixel-us-west.rubiconproject.com	eus.rubiconproject.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	8079f97ae1267478f6b9229d87fa84ef.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.ie	securepubads.g.doubleclick.net
1	yt3.ggpht.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	googleads.g.doubleclick.net	www.youtube.com
1	loadeu.exelator.com	www.vicnews.com
1	cs.admanmedia.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	ww1772.smartadserver.com	sb.freeskreen.com
1	syndication.twitter.com	platform.twitter.com
1	static.freeskreen.com	securepubads.g.doubleclick.net
1	ping.chartbeat.net	www.vicnews.com
1	www.accuweather.com	vortex.accuweather.com
1	adservice.google.co.uk	securepubads.g.doubleclick.net
1	static.chartbeat.com	www.vicnews.com
1	content.jwplatform.com	www.vicnews.com
1	image.issuu.com	www.vicnews.com
1	www.westcoasttraveller.com	www.vicnews.com
1	www.canadianevergreen.com	www.vicnews.com
1	oap.accuweather.com	www.vicnews.com
1	includemodal.global.ssl.fastly.net	www.vicnews.com
1	ad.crwdcntrl.net	www.vicnews.com
1	tags.crwdcntrl.net	www.vicnews.com
1	ajax.googleapis.com	www.vicnews.com
0	query.yahooapis.com Failed	ajax.googleapis.com
313	66

This site contains links to these domains. Also see Links.

Domain
www.todayinbc.com
www.canadianevergreen.com
bclocalnews.com
www.bclocalnews.com
www.westcoasttraveller.com
autos.vicnews.com
www.usedvictoria.com
www.localwork.ca
winetrails.ca
www.facebook.com
blackpress.tv
blackpress.ca
twitter.com
www.instagram.com
www.accuweather.com
www.oakbaynews.com
www.goldstreamgazette.com
www.saanichnews.com
www.peninsulanewsreview.com
impresstv.blackpress.ca
www.canadiantire.ca
homes.vicnews.com
mailchi.mp
dosomegood.ca
bit.ly
youtu.be
www.cccu.ca
www.blackpress.ca
www.sookenewsmirror.com
www.mondaymag.com

Subject Issuer	Validity	Valid
www.goldstreamgazette.com Amazon	`2021-12-13` - `2023-01-11`	a year	crt.sh
*.netdna-ssl.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-22` - `2022-03-18`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2021-04-29` - `2022-05-31`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.freetls.fastly.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-27` - `2022-05-29`	a year	crt.sh
*.accuweather.com DigiCert TLS RSA SHA256 2020 CA1	`2021-08-16` - `2022-09-16`	a year	crt.sh
www.canadianevergreen.com R3	`2021-12-15` - `2022-03-15`	3 months	crt.sh
www.westcoasttraveller.com R3	`2021-12-10` - `2022-03-10`	3 months	crt.sh
*.issuu.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-27` - `2023-01-28`	a year	crt.sh
jwplayer.com Amazon	`2021-12-29` - `2023-01-25`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2021-05-20` - `2022-06-03`	a year	crt.sh
platform.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-29` - `2022-07-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
files.dosomegood.ca Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
*.dosomegood.ca Sectigo RSA Domain Validation Secure Server CA	`2021-01-07` - `2022-02-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-28` - `2022-06-27`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.freeskreen.com Amazon	`2021-12-19` - `2023-01-16`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
*.analyticssystems.net R3	`2021-12-08` - `2022-03-08`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2021-06-02` - `2022-06-07`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.ie GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.ml314.com Amazon	`2021-12-17` - `2023-01-14`	a year	crt.sh
sharethis.com Amazon	`2021-09-01` - `2022-09-30`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.thrtle.com Go Daddy Secure Certificate Authority - G2	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh

This page contains 35 frames:

Primary Page: https://www.vicnews.com/
Frame ID: F0D9718FC45DD414BAA6DAAD53AD396D
Requests: 129 HTTP requests in this frame

Frame: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 71B51D4DFE59035F4A213C4475CBA94B
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Fwww.vicnews.com
Frame ID: 70DB293AF9FE04CE095501F0F3621158
Requests: 2 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Frame ID: 26123DF2DDAA3D27E35A14EF68A49DE2
Requests: 8 HTTP requests in this frame

Frame: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed
Frame ID: A648155D241D83FD7B44322940E60F25
Requests: 18 HTTP requests in this frame

Frame: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0EE8981AD0211BAD4EAC622D782FED18
Requests: 11 HTTP requests in this frame

Frame: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7FBC79DB2CCDCE6806B2F53BEC3A15A7
Requests: 11 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Frame ID: E757B637A6888AC9675E5D177BFC5AD6
Requests: 10 HTTP requests in this frame

Frame: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B8A1D5CD2278D5F8BE3F9A106ADBCEA9
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Frame ID: FE5392521B19D245024B161088174B30
Requests: 4 HTTP requests in this frame

Frame: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Frame ID: 08E2074BD89BE5D8F6BA6F0AD9664D8B
Requests: 15 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/126919/5096033271/1642092457341/BPMAE0000012257-001_House_Ads_No_Charge_Rev1_970x30/index.html
Frame ID: 558FAB67BBF4963B23A2279F59AABAE0
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/126919/15081979/1635527235540/BPMAE0000011756-001_House_Ads_No_Charge_REV1_970x90/index.html
Frame ID: CF1790FAD2748A94CC707F8EFB3059C4
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/126919/5096033271/1642092457670/BPMAE0000012257-001_House_Ads_No_Charge_Rev1_970x250/index.html
Frame ID: E040D02A4A279E766E38FB3829BCD2CD
Requests: 1 HTTP requests in this frame

Frame: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 046BAEB734653EEB9595717BB38ED92B
Requests: 10 HTTP requests in this frame

Frame: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E3D7B4B8EC112856D61396896F69266D
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:regular&text=SPECIAL%20ROTheimsNowMUY%3A
Frame ID: BCD29E7D42847FC609CA2738C41F2A1D
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:regular&text=SPECIAL%20ROTheimsNowMUY%3A
Frame ID: E00942D3990FE4D6163082107C4A0E14
Requests: 8 HTTP requests in this frame

Frame: https://8079f97ae1267478f6b9229d87fa84ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A1351775B074815973619AE027FD5D5F
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6F6F4A25D2F7E5FDE8E497136C0C97F0
Requests: 2 HTTP requests in this frame

Frame: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 196E02F333C155A2E8BD508B5C4B09D8
Requests: 10 HTTP requests in this frame

Frame: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C0751D4F202C663CB42F6A9F937A7B51
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/126919/4822965595/1641582599147/BPMAE0000012738-001_BROWNS_THE_FLORIST_970x90/index.html
Frame ID: E3210A622D59CB990E208F86A72A1120
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/126919/5096033271/1642092399768/BPMAE0000012257-001_House_Ads_No_Charge_Rev1_300x250/index.html
Frame ID: CEBE19FB7078227D798804B37502F02A
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/126919/4855319197/1641250507898/BPMAE0000012727-001_VICTORIA_ROYALS_970x90/index.html
Frame ID: 0B94957411D607D873A1FBA3643EC020
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%20Condensed:regular&text=W%2EBRONSTHEFLICM%20%7C%C2%A0
Frame ID: EFBF6FEB79F2B025AB429D9FB5E07C77
Requests: 12 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto:regular&text=SPECIAL%20ROTheimsNowMUY%3A
Frame ID: 634ED0FE3F09D371B4EF4B14ABA98A9A
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/126919/4676912773/1640723883206/BPMAE0000011990-001_ENTOURAGE_HAIR_REV3_970x90/index.html
Frame ID: DF0AC4A218E62AC713AB4D724AE487AC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD74C75570626B5CFD7687688CC1E99F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8267C01FA63FB2E5A04CD783B9E6E687
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Open%20Sans:regular&text=UNIT%20A6%2D10LDERSMH%0A%E2%80%8BOQVWY
Frame ID: E89F1D73366C19E0C6780A9AAD294B72
Requests: 12 HTTP requests in this frame

Frame: data://truncated
Frame ID: 7EB86DF4AB2E407DB9B7D162339E45EE
Requests: 7 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=14243/rand=650180389/pv=y/int=%23OpR%2396012%23www.vicnews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Frame ID: BA9049E09510C48F165B0E3F4FF13877
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F4127223A006D7B7A501CE14B8E8A4B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C0EB6567E3BE46541C376126BB6D8B44
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Victoria News – Victoria News

Page URL History Show full URLs

http://www.vicnews.com/ HTTP 301
https://www.vicnews.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

ZURB Foundation (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+foundation[^>"]+css

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

313
Requests

92 %
HTTPS

48 %
IPv6

45
Domains

66
Subdomains

57
IPs

7
Countries

7312 kB
Transfer

16345 kB
Size

32
Cookies

55 Outgoing links

These are links going to different origins than the main page.

URL: https://www.todayinbc.com/
Title: Today in B.C.

Search URL Search Domain Scan URL

URL: https://www.canadianevergreen.com/
Title: Cannabis

Search URL Search Domain Scan URL

URL: http://bclocalnews.com/
Title: BC

Search URL Search Domain Scan URL

URL: http://www.bclocalnews.com/sports/
Title: BC

Search URL Search Domain Scan URL

URL: https://www.westcoasttraveller.com/
Title: Travel

Search URL Search Domain Scan URL

URL: https://autos.vicnews.com/
Title: Autos

Search URL Search Domain Scan URL

URL: https://www.usedvictoria.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://www.localwork.ca/
Title: Jobs

Search URL Search Domain Scan URL

URL: http://bclocalnews.com/business
Title: BC

Search URL Search Domain Scan URL

URL: http://bclocalnews.com/entertainment
Title: BC

Search URL Search Domain Scan URL

URL: http://winetrails.ca/
Title: Wine Trails

Search URL Search Domain Scan URL

URL: https://www.facebook.com/iLoveBritishColumbia
Title: I Love British Columbia

Search URL Search Domain Scan URL

URL: http://bclocalnews.com/opinion
Title: BC Opinion

Search URL Search Domain Scan URL

URL: http://blackpress.tv/
Title: Black Press TV

Search URL Search Domain Scan URL

URL: http://blackpress.ca/
Title: Black Press

Search URL Search Domain Scan URL

URL: https://www.facebook.com/victorianews

Search URL Search Domain Scan URL

URL: https://twitter.com/VictoriaNews

Search URL Search Domain Scan URL

URL: https://www.instagram.com/victoria_news/

Search URL Search Domain Scan URL

URL: https://www.accuweather.com/en/ca/victoria/v8r/weather-forecast/47163

Search URL Search Domain Scan URL

URL: https://www.accuweather.com/en/free-weather-widgets?utm_source=www-vicnews-com&utm_medium=oap_weather_widget&utm_term=link_get_widget&utm_content=accuweather&utm_campaign=current
Title: Get this widget

Search URL Search Domain Scan URL

URL: https://www.accuweather.com/en/free-weather-widgets?utm_source=www-vicnews-com&utm_medium=oap_weather_widget&utm_term=link_get_widget_footer&utm_content=accuweather&utm_campaign=current
Title: Get widget

Search URL Search Domain Scan URL

URL: http://www.oakbaynews.com/
Title: Oak Bay News

Search URL Search Domain Scan URL

URL: http://www.goldstreamgazette.com/
Title: Goldstream News Gazette

Search URL Search Domain Scan URL

URL: http://www.saanichnews.com/
Title: Saanich News

Search URL Search Domain Scan URL

URL: http://www.peninsulanewsreview.com/
Title: Peninsula News

Search URL Search Domain Scan URL

URL: https://blackpress.tv/
Title: Black Press TV

Search URL Search Domain Scan URL

URL: http://impresstv.blackpress.ca/

Search URL Search Domain Scan URL

URL: https://www.canadiantire.ca/en/flyer.html

Search URL Search Domain Scan URL

URL: https://homes.vicnews.com/
Title: Today's Home

Search URL Search Domain Scan URL

URL: https://www.canadianevergreen.com/news/tilray-to-amp-up-push-for-more-market-share-after-reporting-6m-net-income-in-q2/

Search URL Search Domain Scan URL

URL: https://www.westcoasttraveller.com/lone-swan-on-whidbey-island-finally-gets-a-partner/

Search URL Search Domain Scan URL

URL: https://mailchi.mp/dosomegood/shareyourstories
Title: HERE

Search URL Search Domain Scan URL

URL: https://dosomegood.ca/organization/first-west-foundation-348888
Title: First West Foundation

Search URL Search Domain Scan URL

URL: https://bit.ly/3ztH3MG
Title: https://bit.ly/3ztH3MG

Search URL Search Domain Scan URL

URL: https://dosomegood.ca/business/envision-financial-a-division-of-first-west-credit-union-348888
Title: Envision Financial, a division of First West Credit Union

Search URL Search Domain Scan URL

URL: https://dosomegood.ca/business/island-savings-a-division-of-first-west-credit-union-347668
Title: Island Savings a division of First West Credit Union

Search URL Search Domain Scan URL

URL: https://dosomegood.ca/business/enderby-and-district-financial-a-division-of-first-west-cu-347788
Title: Enderby & District Financial, a division of First West CU

Search URL Search Domain Scan URL

URL: https://dosomegood.ca/business/valley-firstadivisionof-first-west-credit-union-348681
Title: Valley First, a division of First West Credit Union

Search URL Search Domain Scan URL

URL: https://dosomegood.ca/business/haven-sleep-co-348681
Title: Haven Sleep Co

Search URL Search Domain Scan URL

URL: https://dosomegood.ca/business/coastal-community-credit-union-349592
Title: Coastal Community Credit Union

Search URL Search Domain Scan URL

URL: https://youtu.be/vBKRNrKn2Ss
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.cccu.ca/about/community/how-we-help
Title: https://www.cccu.ca/about/community/how-we-help

Search URL Search Domain Scan URL

URL: https://dosomegood.ca/good-companies
Title: Good Companies

Search URL Search Domain Scan URL

URL: https://dosomegood.ca/business/black-press-media-351274

Search URL Search Domain Scan URL

URL: https://dosomegood.ca/business/bclc-348647

Search URL Search Domain Scan URL

URL: https://dosomegood.ca/business/jillian-harris-design-inc

Search URL Search Domain Scan URL

URL: https://dosomegood.ca/community/businesses
Title: Show all...

Search URL Search Domain Scan URL

URL: https://www.blackpress.ca/publications/
Title: BLACK PRESS MEDIA

Search URL Search Domain Scan URL

URL: https://www.goldstreamgazette.com/
Title: Goldstream News Gazette

Search URL Search Domain Scan URL

URL: https://www.oakbaynews.com/
Title: Oak Bay News

Search URL Search Domain Scan URL

URL: https://www.peninsulanewsreview.com/
Title: Peninsula News

Search URL Search Domain Scan URL

URL: https://www.saanichnews.com/
Title: Saanich News

Search URL Search Domain Scan URL

URL: https://www.sookenewsmirror.com/
Title: Sooke News Mirror

Search URL Search Domain Scan URL

URL: https://www.mondaymag.com/
Title: Monday Magazine

Search URL Search Domain Scan URL

URL: http://www.blackpress.ca/
Title: Black Press Group Ltd.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.vicnews.com/ HTTP 301
https://www.vicnews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 164

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west HTTP 301
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

Request Chain 165

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D HTTP 302
https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1

Request Chain 166

https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D HTTP 302
https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D

Request Chain 167

https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID} HTTP 302
https://sb.freeskreen.com/um?ac={$UID}

Request Chain 314

https://bcp.crwdcntrl.net/5/c=14243/rand=650180389/pv=y/int=%23OpR%2396012%23www.vicnews.com%20%3A%20Total%20Site%20Traffic/rt=ifr HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=14243/rand=650180389/pv=y/int=%23OpR%2396012%23www.vicnews.com%20%3A%20Total%20Site%20Traffic/rt=ifr

313 HTTP transactions
27 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.vicnews.com/
Redirect Chain

http://www.vicnews.com/
https://www.vicnews.com/

190 KB
37 KB

243ms
170ms

Document
text/html

18.66.139.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.vicnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.139.106 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-139-106.fra60.r.cloudfront.net

Software

nginx / WP Engine

Resource Hash

728da6489d38703fff1c6f0f3c35611500d6098b945d200d59457d580e15ff70

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

content-type: text/html; charset=UTF-8
content-length: 36311
date: Fri, 14 Jan 2022 13:44:42 GMT
server: nginx
x-frame-options: SAMEORIGIN
link: <https://www.vicnews.com/wp-json/>; rel="https://api.w.org/" <https://www.vicnews.com/wp-json/wp/v2/pages/154>; rel="alternate"; type="application/json" <https://www.vicnews.com/>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
x-cache-group: normal
accept-ranges: bytes
x-zephr-cache: hit
x-zephr-origin-timestamp: 2022-01-14T13:41:49.769Z
cache-control: no-cache, no-store, no-transform
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding,Accept-Encoding,Cookie
x-cache: Miss from cloudfront
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: zfmSOe2XOEHokbn3gPke_OZj8QKR_qf7rKyfdSklsS_CLPHoJfeWow==

Redirect headers

Server: CloudFront
Date: Fri, 14 Jan 2022 13:44:42 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://www.vicnews.com/
X-Cache: Redirect from cloudfront
Via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P4
X-Amz-Cf-Id: CRUkyzSY6kfIqykdxXUSvvbNjgeNS4I8lT59QEFDaQilNjxV3Bsygg==

GET
H2 200 style.min.css
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 97ms
40ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-includes/css/dist/block-library/style.min.css?ver=5.8.2
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:42 GMT
content-encoding: gzip
last-modified: Wed, 01 Sep 2021 04:05:58 GMT
server: NetDNA-cache/2.2
etag: W/"612efc26-13abe"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 foundation.min.css
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/css/ 291 KB
47 KB 471ms
414ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/css/foundation.min.css?ver=477546816
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b9517520826c7286a1298e06934eafe8dc3cf7aaa60d0568f3a4f2d35aca1bf3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
content-encoding: gzip
last-modified: Wed, 05 Jan 2022 18:43:12 GMT
server: NetDNA-cache/2.2
etag: W/"61d5e6c0-48dfb"
vary: Accept-Encoding, Accept-Encoding
x-cache: MISS
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 featherlight.css
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/components/featherlight/ 3 KB
2 KB 97ms
41ms Stylesheet
text/css 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/components/featherlight/featherlight.css?ver=1.6.1
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4eecd11b7c5edcb48e0f17a117e40361ce82605e0d6d1d2d3bd5636eaa0ce28f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:42 GMT
content-encoding: gzip
last-modified: Fri, 17 Dec 2021 23:16:24 GMT
server: NetDNA-cache/2.2
etag: W/"61bd1a48-ce3"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ 82 KB
29 KB 110ms
33ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js?ver=2.1.0

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 04:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29478
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Jan 2023 04:44:14 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/14243/ 38 KB
11 KB 122ms
39ms Script
application/json 18.66.97.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/14243/cc.js?ns=_cc14243
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e6f2bba5ce0b9b38106234148f240e21674ee0b3c67eb520fa021a3bc7521cf2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 04:29:13 GMT
content-encoding: gzip
etag: W/"22e3ece7227cdd16e158249f736bffa0"
last-modified: Tue, 16 Jun 2020 15:01:46 GMT
server: AmazonS3
age: 33330
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
via: 1.1 c2e56cd54e2593df95ccca8a6d98c958.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: YIuw8AVDFQsKEDcxJOEkpAOu8NlAItuO-fgu2uQSr-ng9MygoYT-6A==

GET
H2 200 var=ccauds Show response
ad.crwdcntrl.net/5/c=14235/pe=y/ 70 B
305 B 113ms
34ms Script
application/javascript 34.249.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.crwdcntrl.net/5/c=14235/pe=y/var=ccauds
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.68.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-68-36.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 8c3b4dc6462c11e820587fef21d3425d418b380ef8654185b31e61ac840bca21

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:42 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.11.96
content-type: application/javascript;charset=utf-8
content-length: 70
expires: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 190ms
108ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17100516-1

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

91ee81473c12b0432e18c883c266b1977810757969e9bdfb6873d049605ccabf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36511
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jan 2022 13:44:43 GMT

GET
H/1.1 200
OK sp.js Show response
includemodal.global.ssl.fastly.net/ 122 KB
34 KB 77ms
21ms Script
application/javascript 151.101.1.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/sp.js
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b1408d3409cf025b81587ee524f097153ec59c1e5dc04476ec29badb7e6d8e3c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: z8xuUp2GeeWG6XxzkF90jqldi2MZWDUp
Content-Encoding: gzip
ETag: W/"89b59c58f96fcd8018a16506a63e6fef"
Age: 1089
X-Cache: Hit from cloudfront, HIT
Connection: keep-alive
Content-Length: 33947
X-Served-By: cache-lhr7353-LHR
Last-Modified: Wed, 12 Jan 2022 22:16:58 GMT
Server: AmazonS3
X-Timer: S1642167883.847313,VS0,VE0
Date: Fri, 14 Jan 2022 13:44:42 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 71d62f2b54e1ac2dcda3d438900cc504.cloudfront.net (CloudFront), 1.1 varnish
Cache-Control: max-age=3600, public
X-Amz-Cf-Pop: LHR61-P2
Accept-Ranges: bytes
X-Amz-Cf-Id: rJwLSyyj1L4zaBNG0EQST7bs6ONd93OtsFFEq0w1vr4_AbOuC2jRkQ==
X-Cache-Hits: 6

GET
H2 200 launch.js Show response
oap.accuweather.com/ 17 KB
6 KB 151ms
32ms Script
application/javascript 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oap.accuweather.com/launch.js
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 640c9cbb97ba18dc1bcde7f36eed441db79a02b0912d0f4325d4b475d3b84565

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:42 GMT
content-encoding: gzip
etag: "8513a708788d21:0"
last-modified: Thu, 16 Feb 2017 19:04:02 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
servername: origin-v01
accept-ranges: bytes
content-length: 6333

GET
H2 200 ImpressTV.png
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/images/ 1 KB
1 KB 26ms
23ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/images/ImpressTV.png
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4d74d7a1dc5eae37e46236249dc28454c0fea535c807509461b7a65d5e142cbf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
last-modified: Fri, 17 Dec 2021 23:16:24 GMT
server: NetDNA-cache/2.2
etag: "61bd1a48-4e2"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1250

GET
H2 200 CanadianTire.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/images/ 18 KB
18 KB 28ms
26ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/images/CanadianTire.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 767e445884a516b5b272713c012a16dd4c355f4b9d605a5d366a876b1f7403ab

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
last-modified: Fri, 17 Dec 2021 23:16:24 GMT
server: NetDNA-cache/2.2
etag: "61bd1a48-4649"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 17993

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 74 KB
29 KB 171ms
90ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5WSKXDP

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2701d3a4c96041465ec17641c3f34f2d3e3395ac2d1143c12d55c6f1eb4f2e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29922
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jan 2022 13:44:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
40 KB 128ms
47ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56M65DZ

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23d6ed861138f4455f0c963e3fe4c4eb80542a3ebe4eb1f8f38f068c304167b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40118
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jan 2022 13:44:43 GMT

GET
H2 200 27822545_web1_220113-WCE-Tilraytoampuppushformoremarketshareafterreporting6MnetincomeinQ2_1-1024x683.jpg
www.canadianevergreen.com/wp-content/uploads/2022/01/ 80 KB
80 KB 527ms
155ms Image
image/jpeg 146.148.100.136
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.canadianevergreen.com/wp-content/uploads/2022/01/27822545_web1_220113-WCE-Tilraytoampuppushformoremarketshareafterreporting6MnetincomeinQ2_1-1024x683.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.100.136 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 136.100.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: 40770ac17098fcd945d5c731206b7506f8bf77b37af06a7ca69ada82583948da

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Fri, 14 Jan 2022 00:10:31 GMT
server: nginx
etag: "61e0bf77-13e29"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 81449

GET
H2 200 27803365_web1_copy_Two-Swans_0083-1024x682.jpeg
www.westcoasttraveller.com/wp-content/uploads/2022/01/ 120 KB
120 KB 534ms
156ms Image
image/jpeg 146.148.100.136
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.westcoasttraveller.com/wp-content/uploads/2022/01/27803365_web1_copy_Two-Swans_0083-1024x682.jpeg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 146.148.100.136 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 136.100.148.146.bc.googleusercontent.com
Software: nginx /
Resource Hash: d7a3ae0e26ae218f29b1f89bf587b2b3d373b2439fc96f8e536de9a6769f9d28

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Wed, 12 Jan 2022 19:02:33 GMT
server: nginx
etag: "61df25c9-1e057"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 122967

GET
H2 200 page_1_thumb_large.jpg
image.issuu.com/220113110513-f9c36e0da82573cd714929f79c01e726/jpg/ 32 KB
32 KB 96ms
21ms Image
image/jpeg 2a04:4e42:200::622
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image.issuu.com/220113110513-f9c36e0da82573cd714929f79c01e726/jpg/page_1_thumb_large.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eecf3ab620492e6e2e3a683988cb1ca9eb13f3a12c59327109e3779a4445ed4b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
via: 1.1 varnish, 1.1 varnish
age: 94983
x-cache: HIT, HIT
content-length: 32585
x-amz-id-2: GM4F00E9//aNyflXqOkpg6eiPi5A4/+7lVAybegXSBxWMm9YT5hivJGcz9GcO2CUo/3pa665zFM=
x-served-by: cache-iad-kcgs7200112-IAD, cache-lcy19266-LCY
last-modified: Thu, 13 Jan 2022 11:05:35 GMT
server: AmazonS3
x-timer: S1642167884.869484,VS0,VE1
etag: "f3055ee03ca43795eeee86d56da7571a"
x-amz-request-id: 773MWGTK6JBT6N1D
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: image/jpeg
x-cache-hits: 1, 1

GET
H2 200 submit.png
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/images/ 1 KB
1 KB 28ms
26ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/images/submit.png
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5aeae9effa57334a2f01fe5bc138d28d2a378a9fa24b94bb37dcb5dc23135e86

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
last-modified: Fri, 17 Dec 2021 23:16:24 GMT
server: NetDNA-cache/2.2
etag: "61bd1a48-48c"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 1164

GET
H2 200 BlackPressMedia.svg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/images/ 6 KB
3 KB 28ms
26ms Image
image/svg+xml 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/images/BlackPressMedia.svg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 847828ce76d2de856454fd299bb28a970df5c2a07496aa8372d82482f47b46a9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
content-encoding: gzip
last-modified: Fri, 17 Dec 2021 23:16:24 GMT
server: NetDNA-cache/2.2
etag: W/"61bd1a48-186e"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 webvitals-0.2.2.js Show response
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/plugins/web-vitals-tracking//views/assets/js/ 8 KB
4 KB 23ms
23ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/plugins/web-vitals-tracking//views/assets/js/webvitals-0.2.2.js?ver=5.8.2
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c6b41a63cf7a39bf68deb8598c6d566238f427e651a4141d85aea79d04936c90

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:42 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:18:14 GMT
server: NetDNA-cache/2.2
etag: W/"5f43f656-1fec"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 yrJQMy68.js Show response
content.jwplatform.com/libraries/ 129 KB
42 KB 231ms
135ms Script
text/javascript 2600:9000:225e:dc00:1:a3fa:7cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content.jwplatform.com/libraries/yrJQMy68.js?ver=1.0.0
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:dc00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: openresty /
Resource Hash: 14876f4f20e33a14a759aecb5e292f297e291f200af19ae30eacb237a14678e4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
content-encoding: gzip
server: openresty
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=150, max-stale=180
content-length: 42908
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-cf-id: AMLFSiwKpzlVetruYQNz3tkOrup3Oq9e6tVzcqEaI2JfMt2690LBrw==
expires: Fri, 14 Jan 2022 13:47:11 GMT

GET
H2 200 featherlight.js Show response
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/components/featherlight/ 22 KB
8 KB 29ms
28ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/assets/components/featherlight/featherlight.js?ver=1.6.1
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: b663419733f90e316eda931466ed2777ac88965474ff4cb1cb8ce4e78f4aa87d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
content-encoding: gzip
last-modified: Fri, 17 Dec 2021 23:16:24 GMT
server: NetDNA-cache/2.2
etag: W/"61bd1a48-58b0"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 foundation.min.js Show response
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/javascript/ 2 MB
464 KB 412ms
412ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/javascript/foundation.min.js?ver=2041480205
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a30cf27bf4f5e5a36691545e2adf296b8c7c8c8fca7d0d34fec9773b4cb1ac31

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
content-encoding: gzip
last-modified: Wed, 05 Jan 2022 18:43:11 GMT
server: NetDNA-cache/2.2
etag: W/"61d5e6bf-1dbf1e"
vary: Accept-Encoding, Accept-Encoding
x-cache: MISS
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 what-input.min.js Show response
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/javascript/what-input/ 2 KB
1 KB 22ms
22ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/javascript/what-input/what-input.min.js?ver=4.0.3
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ecda9bc7461947ae9c9a0a52eb4d2839d543283c48993a52631dba9eb4141fb6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
content-encoding: gzip
last-modified: Fri, 17 Dec 2021 23:16:24 GMT
server: NetDNA-cache/2.2
etag: W/"61bd1a48-98f"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 wp-embed.min.js Show response
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-includes/js/ 1 KB
1016 B 24ms
22ms Script
application/javascript 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-includes/js/wp-embed.min.js?ver=5.8.2
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
content-encoding: gzip
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: NetDNA-cache/2.2
etag: W/"5ff5d754-592"
vary: Accept-Encoding, Accept-Encoding
x-cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 126ms
35ms Script
application/x-javascript 2600:9000:223c:4600:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:4600:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 12:26:08 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 02:25:57 GMT
server: nginx
age: 4715
etag: W/"61e0df35-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 80a51c83bb9479e2a3aa1ea59b366458.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA56-P2
x-amz-cf-id: aN1orxhDNzyGcfcKbUvllCJ4o6F2C-nXxeGrJVhaLZGdVk2Apz6rUg==
expires: Fri, 14 Jan 2022 14:26:08 GMT

GET
H2 200 widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 108ms
33ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 75807a010dd395e2989544d4deed5bc3d8d36b11bed0a8ea310fcb43e8442183

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
content-encoding: gzip
last-modified: Tue, 11 Jan 2022 20:08:29 GMT
etag: "b607db789ce85f01d2c97329a89acfde+gzip"
vary: Accept-Encoding
access-control-allow-methods: GET
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=1800
x-cache: HIT, HIT
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 29153
tw-cdn: FT
x-served-by: cache-iad-kjyo7100073-IAD, cache-fra19128-FRA

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 78 KB
27 KB 122ms
41ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b96e21adc8ecf230edda1374bf14d7a7839f04a1b38b863c9adb15b09e26da1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26925
x-xss-protection: 0
server: sffe
etag: "1101 / 201 of 1000 / last-modified: 1642162396"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Jan 2022 13:44:43 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
vortex.accuweather.com/adc2010/oap/javascript/ 90 KB
33 KB 74ms
54ms Script
application/javascript 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vortex.accuweather.com/adc2010/oap/javascript/jquery-1.9.1.min.js
Requested by: Host: oap.accuweather.com
URL: https://oap.accuweather.com/launch.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:43 GMT
content-encoding: gzip
etag: "aad455d39b55ce1:0"
last-modified: Mon, 20 May 2013 20:51:39 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400
servername: origin-v01
accept-ranges: bytes
content-length: 33817

GET
H2 200 dsgw.js Show response
files.dosomegood.ca/scripts/p/w/ 159 KB
160 KB 171ms
38ms Script
application/javascript 2600:9000:2240:4800:16:8147:1b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.dosomegood.ca/scripts/p/w/dsgw.js
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4800:16:8147:1b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8e64b6a5f5d5a0b8ea6607cce599ac853ab87509f1720e6da90f5d400a3014f2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 06:50:30 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Nov 2021 18:52:35 GMT
server: AmazonS3
age: 24854
etag: "de27ea9eb231d9f28dc74977a0036506"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 163249
x-amz-cf-id: EovOx3h5OucB8BbJLKhsDfZxWkY56SCfCKEy-Hq83MMsKglSnjTDhg==

GET
H2 200 pubads_impl_2022011002.js Show response
securepubads.g.doubleclick.net/gpt/ 352 KB
119 KB 113ms
35ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 12:01:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6166
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121009
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 21:10:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 14 Jan 2023 12:01:58 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 91 B
721 B 118ms
42ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.vicnews.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

42398b9197177b5545f8f0ac2e1d06a502fee0c31547a1776e15393993bbe752

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 85
x-xss-protection: 0
expires: Fri, 14 Jan 2022 13:44:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 111ms
34ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17100516-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 590
date: Fri, 14 Jan 2022 13:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 14 Jan 2022 15:34:54 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 64ms
62ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17099191-3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17100516-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

37d2aff7031e01ae0560d951883775d97c9d8fefa780440f643d2d5e18a0db3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36518
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jan 2022 13:44:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 47ms
45ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17099191-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17100516-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6473ebaf8c82600b4d52c041d815e04b384dfecf7012527569eb7f79ad1dddd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36506
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jan 2022 13:44:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 91 KB
36 KB 55ms
55ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17099191-9&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17100516-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e7e86c2b9c0b982d273405f81374d4947398bfc3c0d131447505bff59c863d09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36514
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jan 2022 13:44:44 GMT

GET
H2 200 media.dsgw.js Show response
files.dosomegood.ca/scripts/p/w/ 320 KB
320 KB 35ms
35ms Script
application/javascript 2600:9000:2240:4800:16:8147:1b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.dosomegood.ca/scripts/p/w/media.dsgw.js
Requested by: Host: files.dosomegood.ca
URL: https://files.dosomegood.ca/scripts/p/w/dsgw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4800:16:8147:1b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e1d758c731e4f8a1f8b5259adaec7cf55dae806aa278204e06d04e7bb21e2c2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 23:08:03 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Nov 2021 18:52:35 GMT
server: AmazonS3
age: 129307
etag: "36bc95d8ba8f3f94b3b75fa6b5330f1e"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 327333
x-amz-cf-id: KWdYofuybS2HcZUfroJSi7MT6Ln8IO2t9cua1qxcNEmIXeY66rM82g==

GET
H2 200 platform.dsgw.js Show response
files.dosomegood.ca/scripts/p/w/ 368 KB
368 KB 37ms
37ms Script
application/javascript 2600:9000:2240:4800:16:8147:1b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.dosomegood.ca/scripts/p/w/platform.dsgw.js
Requested by: Host: files.dosomegood.ca
URL: https://files.dosomegood.ca/scripts/p/w/dsgw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4800:16:8147:1b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3629c302d434d809ef14298003322c61a1ecd7d3903738beb8412903a06e3d16

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 02:42:20 GMT
via: 1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
last-modified: Tue, 30 Nov 2021 18:52:35 GMT
server: AmazonS3
age: 39745
etag: "d3dccb85dbba3fe30c6ffab7480a43d4"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
content-length: 376406
x-amz-cf-id: hXkTbSnC3BvS6bX-Sm0hMYf-i358Q0jsIkBGaG5z90ABCaB9l6-2sw==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 88ms
46ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1962656279&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vicnews.com%2F&ul=en-us&de=UTF-8&dt=Victoria%20News%20%E2%80%93%20Victoria%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1727920416&gjid=1808853235&cid=1888553978.1642167884&tid=UA-17100516-1&_gid=141747012.1642167884&_r=1&gtm=2ou1c0&z=2107794131

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vicnews.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 82ms
45ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1962656279&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vicnews.com%2F&ul=en-us&de=UTF-8&dt=Victoria%20News%20%E2%80%93%20Victoria%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=2028430295&gjid=960929873&cid=1888553978.1642167884&tid=UA-17099191-3&_gid=141747012.1642167884&_r=1&gtm=2ou1c0&z=629338560

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vicnews.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 79ms
45ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1962656279&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vicnews.com%2F&ul=en-us&de=UTF-8&dt=Victoria%20News%20%E2%80%93%20Victoria%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=671470442&gjid=2143003014&cid=1888553978.1642167884&tid=UA-17099191-1&_gid=141747012.1642167884&_r=1&gtm=2ou1c0&z=713976938

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vicnews.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 76ms
43ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1962656279&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vicnews.com%2F&ul=en-us&de=UTF-8&dt=Victoria%20News%20%E2%80%93%20Victoria%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAUABAAAAAC~&jid=1910388935&gjid=1048527344&cid=1888553978.1642167884&tid=UA-17099191-9&_gid=141747012.1642167884&_r=1&gtm=2ou1c0&z=842323433

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vicnews.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hqn1hJeLPMuAxKg Show response
api.dosomegood.ca/posts/cities/media/ 9 KB
4 KB 498ms
174ms Fetch
application/json 66.209.187.158
CANHOST-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dosomegood.ca/posts/cities/media/hqn1hJeLPMuAxKg?context=widget&limit=3&includeEndorsed=false&cityIds=351575,347815

Requested by

Host: files.dosomegood.ca
URL: https://files.dosomegood.ca/scripts/p/w/media.dsgw.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.209.187.158 Kelowna, Canada, ASN40438 (CANHOST-INC, CA),

Reverse DNS

host-66-209-187-158.canhost.ca

Software

nginx/1.13.6 /

Resource Hash

04ad731c6e5054016b44319196c463d6840fd435901ab9d3baf2a3047ef25b01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 19ms
date: Fri, 14 Jan 2022 13:44:44 GMT
content-encoding: br
server: nginx/1.13.6
access-control-max-age: 600
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, private
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type,Authorization,X-Timezone,X-App-Version,X-Device-Name,X-Device-ID,X-Backoff
expires: Fri, 14 Jan 2022 13:44:43 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
73 B 85ms
29ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-17099191-9&cid=1888553978.1642167884&jid=1910388935&gjid=1048527344&_gid=141747012.1642167884&_u=YEDAAUABAAAAAC~&z=677334224

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vicnews.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 Jan 2022 13:44:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
445 B 84ms
28ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-17099191-1&cid=1888553978.1642167884&jid=671470442&gjid=2143003014&_gid=141747012.1642167884&_u=YEDAAUABAAAAAC~&z=577858539

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vicnews.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 Jan 2022 13:44:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
73 B 84ms
29ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-17099191-3&cid=1888553978.1642167884&jid=2028430295&gjid=960929873&_gid=141747012.1642167884&_u=YEDAAUABAAAAAC~&z=158940306

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vicnews.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 Jan 2022 13:44:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 84ms
30ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-17100516-1&cid=1888553978.1642167884&jid=1727920416&gjid=1808853235&_gid=141747012.1642167884&_u=YEBAAUAAAAAAAC~&z=2112011489

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vicnews.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 Jan 2022 13:44:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
api.dosomegood.ca/community-partners/ 3 KB
1 KB 476ms
173ms Fetch
application/json 66.209.187.158
CANHOST-INC

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dosomegood.ca/community-partners/?cityIds=351575,347815&context=widget

Requested by

Host: files.dosomegood.ca
URL: https://files.dosomegood.ca/scripts/p/w/platform.dsgw.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.209.187.158 Kelowna, Canada, ASN40438 (CANHOST-INC, CA),

Reverse DNS

host-66-209-187-158.canhost.ca

Software

nginx/1.13.6 /

Resource Hash

baa31e6a37a6ac9e8011f25fbd97e9d31707d917d756ea0438f0c5d3689e14c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 18ms
date: Fri, 14 Jan 2022 13:44:44 GMT
content-encoding: br
server: nginx/1.13.6
access-control-max-age: 600
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, private
strict-transport-security: max-age=31536000
access-control-allow-headers: Content-Type,Authorization,X-Timezone,X-App-Version,X-Device-Name,X-Device-ID,X-Backoff
expires: Fri, 14 Jan 2022 13:44:43 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 137ms
61ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17099191-9&cid=1888553978.1642167884&jid=1910388935&_u=YEDAAUABAAAAAC~&z=114378018

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
107 B 149ms
58ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17099191-9&cid=1888553978.1642167884&jid=1910388935&_u=YEDAAUABAAAAAC~&z=114378018

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 133ms
59ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17099191-3&cid=1888553978.1642167884&jid=2028430295&_u=YEDAAUABAAAAAC~&z=338574408

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
107 B 149ms
59ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17099191-3&cid=1888553978.1642167884&jid=2028430295&_u=YEDAAUABAAAAAC~&z=338574408

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 135ms
62ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17099191-1&cid=1888553978.1642167884&jid=671470442&_u=YEDAAUABAAAAAC~&z=931392468

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 146ms
57ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17099191-1&cid=1888553978.1642167884&jid=671470442&_u=YEDAAUABAAAAAC~&z=931392468

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fv-play-btn.png
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/images/ 2 KB
3 KB 22ms
21ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/images/fv-play-btn.png
Requested by: Host: 4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com
URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/css/foundation.min.css?ver=477546816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 07989fce6a6a8a3e2d6a809effa05f2530edc3b4bd2ce0d4075d9754dc4b0e9b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/css/foundation.min.css?ver=477546816
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Fri, 17 Dec 2021 23:16:24 GMT
server: NetDNA-cache/2.2
etag: "61bd1a48-9c9"
vary: Accept-Encoding
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2505

GET
H2 200 fontawesome-webfont.woff2
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/fonts/ 65 KB
65 KB 66ms
21ms Font
font/woff2 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/fonts/fontawesome-webfont.woff2?v=4.5.0
Requested by: Host: 4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com
URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/css/foundation.min.css?ver=477546816
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Request headers

Referer: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/themes/BlackPress/dest/css/foundation.min.css?ver=477546816
Origin: https://www.vicnews.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Fri, 17 Dec 2021 23:16:24 GMT
server: NetDNA-cache/2.2
etag: "61bd1a48-10440"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 66624

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 158ms
49ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.vicnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 130ms
47ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.vicnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 464ms
421ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2227910275115628&correlator=3741370127505657&output=ldjh&impl=fif&eid=31064083&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1036919%2Cadunit0&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x30%7C970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dvicnews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1642167884&dt=1642167884735&dlt=1642167882764&idt=1436&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=202&adks=635914923&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.vicnews.com%2F&vis=1&scr_x=0&scr_y=0&psz=994x0&msz=994x0&ga_vid=1888553978.1642167884&ga_sid=1642167885&ga_hid=1962656279&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5b81c92761392757029b506aa0f4375d79cc67758c0dae349a4e5eb1ec5ca77e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8789
x-xss-protection: 0
google-lineitem-id: 5842026174
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138378434413
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 455ms
414ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2227910275115628&correlator=3741370127505657&output=ldjh&impl=fif&eid=31064083&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1036919%2Cadunit1&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250&eri=1&cust_params=ccaud%3D%26site%3Dvicnews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1642167884&dt=1642167884740&dlt=1642167882764&idt=1436&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=753&adks=3984404392&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.vicnews.com%2F&vis=1&scr_x=0&scr_y=0&psz=970x15&msz=970x15&ga_vid=1888553978.1642167884&ga_sid=1642167885&ga_hid=1962656279&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

512022fa5de5495d3b452e21c96170f75a467bf9b6e89da779343faeb561b917

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9002
x-xss-protection: 0
google-lineitem-id: 5842026174
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138378434584
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 874ms
833ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2227910275115628&correlator=3741370127505657&output=ldjh&impl=fif&eid=31064083&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1036919%2Cadunit3&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dvicnews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1642167884&dt=1642167884741&dlt=1642167882764&idt=1436&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=2220&adks=3422903207&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.vicnews.com%2F&vis=1&scr_x=0&scr_y=0&psz=1024x15&msz=994x15&ga_vid=1888553978.1642167884&ga_sid=1642167885&ga_hid=1962656279&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a65142d3adfb3ba55652c518ae1f2824e2ff430c8371bc485ba88f46b83fd58f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8952
x-xss-protection: 0
google-lineitem-id: 5822610225
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138369483495
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 1446ms
1405ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2227910275115628&correlator=3741370127505657&output=ldjh&impl=fif&eid=31064083&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1036919%2Cadunit5&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dvicnews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1642167884&dt=1642167884742&dlt=1642167882764&idt=1436&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=3113&adks=254253508&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.vicnews.com%2F&vis=1&scr_x=0&scr_y=0&psz=1024x15&msz=994x15&ga_vid=1888553978.1642167884&ga_sid=1642167885&ga_hid=1962656279&ga_fc=true&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e88589a7b64717579ecb1461176505cccfe9b0984c42f4972e426dc9adc3ddcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8968
x-xss-protection: 0
google-lineitem-id: 5846506554
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377900314
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
12 KB 665ms
625ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2227910275115628&correlator=3741370127505657&output=ldjh&impl=fif&eid=31064083&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1036919%2Cadunit7&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dvicnews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1642167884&dt=1642167884744&dlt=1642167882764&idt=1436&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=4234&adks=2240521934&ucis=5&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.vicnews.com%2F&vis=1&scr_x=0&scr_y=0&psz=1024x15&msz=994x15&ga_vid=1888553978.1642167884&ga_sid=1642167885&ga_hid=1962656279&ga_fc=true&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

a3b96368369f7b3e5080b49b59c3c96d8f3e00c3f20c35bea324f49fe5b2a223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12570
x-xss-protection: 0
google-lineitem-id: 5876260205
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138378064333
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
8 KB 1655ms
1615ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2227910275115628&correlator=3741370127505657&output=ldjh&impl=fif&eid=31064083&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1036919%2Cadunit9&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dvicnews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1642167884&dt=1642167884745&dlt=1642167882764&idt=1436&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=5060&adks=1371688121&ucis=6&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.vicnews.com%2F&vis=1&scr_x=0&scr_y=0&psz=1024x15&msz=994x15&ga_vid=1888553978.1642167884&ga_sid=1642167885&ga_hid=1962656279&ga_fc=true&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

1f1e2b9fc7db7293f9acdbb9f8cebc3a69f6a3da07833bbac64e0b810e1de03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8550
x-xss-protection: 0
google-lineitem-id: 5531326945
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377020096
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
9 KB 1190ms
1150ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2227910275115628&correlator=3741370127505657&output=ldjh&impl=fif&eid=31064083&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1036919%2Cadunit11&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dvicnews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1642167884&dt=1642167884746&dlt=1642167882764&idt=1436&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=5692&adks=2333070162&ucis=7&ifi=7&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.vicnews.com%2F&vis=1&scr_x=0&scr_y=0&psz=994x15&msz=994x15&ga_vid=1888553978.1642167884&ga_sid=1642167885&ga_hid=1962656279&ga_fc=true&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

12e30944fe6674c8e5ba50af5d6799ef4ad80182df101abf97d3879122361f3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8976
x-xss-protection: 0
google-lineitem-id: 5789457823
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138364616919
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 1647ms
1607ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2227910275115628&correlator=3741370127505657&output=ldjh&impl=fif&eid=31064083&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1036919%2Cadunit13&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90&eri=1&cust_params=ccaud%3D%26site%3Dvicnews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1642167884&dt=1642167884748&dlt=1642167882764&idt=1436&frm=20&biw=1600&bih=1200&oid=2&adxs=303&adys=6272&adks=2088326607&ucis=8&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.vicnews.com%2F&vis=1&scr_x=0&scr_y=0&psz=994x0&msz=994x0&ga_vid=1888553978.1642167884&ga_sid=1642167885&ga_hid=1962656279&ga_fc=true&fws=0&ohw=0&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

44cd9fe49edb103ac3cc88657d18ff0e0688138a4fcae6a793366b43cc7461e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8833
x-xss-protection: 0
google-lineitem-id: 5801252622
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377482855
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
8 KB 126ms
86ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2227910275115628&correlator=3741370127505657&output=ldjh&impl=fif&eid=31064083&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1036919%2Cvendor_library_0&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&eri=1&cust_params=ccaud%3D%26site%3Dvicnews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1642167884&dt=1642167884751&dlt=1642167882764&idt=1436&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=8153&adks=3346448585&ucis=9&ifi=9&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.vicnews.com%2F&vis=1&scr_x=0&scr_y=0&psz=1600x8153&msz=1x-1&ga_vid=1888553978.1642167884&ga_sid=1642167885&ga_hid=1962656279&ga_fc=true&fws=0&ohw=0&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

bd5ca88938d0fa04efcde126f13b5ffa5e22a6e21c2e7907cf875ce610b8fe4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8431
x-xss-protection: 0
google-lineitem-id: 4417344124
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138210660707
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
9 KB 1453ms
1413ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2227910275115628&correlator=3741370127505657&output=ldjh&impl=fif&eid=31064083&vrg=2022011002&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=1036919%2Cadunit22&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&eri=1&cust_params=ccaud%3D%26site%3Dvicnews.com%26section%3Dros%252Chome&cookie_enabled=1&bc=31&abxe=1&lmt=1642167884&dt=1642167884753&dlt=1642167882764&idt=1436&frm=20&biw=1600&bih=1200&oid=2&adxs=-12245933&adys=-12245933&adks=1041647911&ucis=a&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fwww.vicnews.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=1888553978.1642167884&ga_sid=1642167885&ga_hid=1962656279&ga_fc=true&fws=128&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

485406eab1653549b93fba2d2b83bd7903bd1ad9ef111cfa6db51bc5818a21f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8740
x-xss-protection: 0
google-lineitem-id: 5842024515
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377950148
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 71B5 6 KB
4 KB 171ms
47ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 14 Jan 2022 13:44:44 GMT
expires: Sat, 14 Jan 2023 13:44:44 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 widgets-20170109.css
vortex.accuweather.com/adc2010/oap/stylesheets/ 112 KB
14 KB 33ms
33ms Stylesheet
text/css 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://vortex.accuweather.com/adc2010/oap/stylesheets/widgets-20170109.css
Requested by: Host: vortex.accuweather.com
URL: https://vortex.accuweather.com/adc2010/oap/javascript/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 19f4edf9189f8d003c27b29fcb6f1f1085660470101374fda6648c41d4280a60

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
content-encoding: gzip
etag: "43ca979bc36ad21:0"
last-modified: Mon, 09 Jan 2017 21:59:10 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=86400
servername: origin-v01
accept-ranges: bytes
content-length: 13968

GET
H2 200 current Show response
www.accuweather.com/ajax-service/oap/ 3 KB
4 KB 208ms
182ms Script
text/javascript 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.accuweather.com/ajax-service/oap/current?callback=jQuery1910706123723138198_1642167883910&uid=awcc1517422096176&locationkey=47163&unit=c&language=en-us&useip=false&targeturl=%2Fweather%2F&css=&_=1642167883911

Requested by

Host: vortex.accuweather.com
URL: https://vortex.accuweather.com/adc2010/oap/javascript/jquery-1.9.1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.214.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-214-80.deploy.static.akamaitechnologies.com

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e0ed409398973fa288ded5fef87549f872d6b5e2eb72886b0e5e0cef9a799065

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000 ; includeSubDomains ; preload

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
content-encoding: gzip
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, no-store, no-cache, must-revalidate, max-age=0
server-timing: cdn-cache; desc=MISS, edge; dur=26, origin; dur=118
servername: gweb-v03
strict-transport-security: max-age=15768000 ; includeSubDomains ; preload
content-length: 993

GET
H2 200 widget_iframe.e37c957bd3ae00473b95800b99e19cff.html Show response
platform.twitter.com/widgets/ Frame 70DB 319 KB
103 KB 65ms
65ms Document
text/html 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Fwww.vicnews.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

last-modified: Tue, 11 Jan 2022 20:06:54 GMT
cache-control: public, max-age=315360000
content-type: text/html; charset=utf-8
etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
content-encoding: gzip
access-control-allow-methods: GET
access-control-allow-origin: *
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
accept-ranges: bytes
date: Fri, 14 Jan 2022 13:44:44 GMT
x-served-by: cache-iad-kjyo7100031-IAD, cache-fra19128-FRA
x-cache: HIT, HIT
vary: Accept-Encoding
tw-cdn: FT
content-length: 105433

GET
H2 200 27788090_web1_200902-GNG-Hedstrom-House_1-640x427.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 103 KB
103 KB 281ms
279ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27788090_web1_200902-GNG-Hedstrom-House_1-640x427.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 4ac9d95327a46f8e7ba54f99217f67611a10f4c8eb4c1b1809686d24b28dcba3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Fri, 14 Jan 2022 13:16:01 GMT
server: NetDNA-cache/2.2
etag: "61e17791-19a89"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 105097
expires: Sun, 13 Feb 2022 13:44:44 GMT

GET
H2 200 27803653_web1_20210317-BPD-Ravi-Kahlon-mar17.21.bcg-300x200.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 12 KB
12 KB 281ms
279ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27803653_web1_20210317-BPD-Ravi-Kahlon-mar17.21.bcg-300x200.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 31e094c447759125b88f9012874bdf603301d99703a77718e56f0f59ae2168d9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Wed, 12 Jan 2022 19:42:14 GMT
server: NetDNA-cache/2.2
etag: "61df2f16-2fad"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 12205
expires: Sun, 13 Feb 2022 13:44:45 GMT

GET
H2 200 27822926_web1_210422-SUL-OutbreakSMH-main_1-300x200.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 22 KB
22 KB 280ms
277ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27822926_web1_210422-SUL-OutbreakSMH-main_1-300x200.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 3672bea8395ad10c86323a17a3a9023e006b1344694edcc60011ed753915cf1c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Fri, 14 Jan 2022 00:02:39 GMT
server: NetDNA-cache/2.2
etag: "61e0bd9f-5701"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 22273
expires: Sun, 13 Feb 2022 13:44:45 GMT

GET
H2 200 27822456_web1_20211229-BPD-dix-henry-pharmacy-dec14.21.bcg-300x200.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 19 KB
19 KB 288ms
282ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27822456_web1_20211229-BPD-dix-henry-pharmacy-dec14.21.bcg-300x200.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: a9768898aff83f21ad86e870521d5950ec2016e3e71a0338c299d92de1293991

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Thu, 13 Jan 2022 23:42:15 GMT
server: NetDNA-cache/2.2
etag: "61e0b8d7-4aaa"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 19114
expires: Sun, 13 Feb 2022 13:44:45 GMT

GET
H2 200 27815315_web1_Lytton-fire-GeraldTwitter-300x197.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 14 KB
15 KB 280ms
275ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27815315_web1_Lytton-fire-GeraldTwitter-300x197.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 6d38061da8e00723b973cf0cf7ec69b0913babaf65bc4fabd3ff2a89e9b9de2c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Thu, 13 Jan 2022 23:33:40 GMT
server: NetDNA-cache/2.2
etag: "61e0b6d4-38fe"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 14590
expires: Sun, 13 Feb 2022 13:44:45 GMT

GET
H2 200 27822048_web1_20220113160148-61e09e893fc971d6215278c0jpeg-300x197.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 15 KB
15 KB 280ms
275ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27822048_web1_20220113160148-61e09e893fc971d6215278c0jpeg-300x197.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 8429ee59d5d95144466d7413643de29e3510229af8bfd87b05b44454448ce43c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Thu, 13 Jan 2022 23:30:59 GMT
server: NetDNA-cache/2.2
etag: "61e0b633-3b08"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 15112
expires: Sun, 13 Feb 2022 13:44:45 GMT

GET
H2 200 27698989_web1_220110-Impress-VNE-OspreyTreeService-trees_1-300x200.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 30 KB
30 KB 27ms
22ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27698989_web1_220110-Impress-VNE-OspreyTreeService-trees_1-300x200.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 12cc8a8c6b1a93a053c9b680e565983dde1cc4e531b423b5183ae12d41ed277c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Mon, 10 Jan 2022 14:01:06 GMT
server: NetDNA-cache/2.2
etag: "61dc3c22-78ab"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 30891
expires: Thu, 10 Feb 2022 10:11:11 GMT

GET
H2 200 27465335_web1_220110-Impress-VNE-BerwickHouse-seniors_1-300x200.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 22 KB
23 KB 31ms
26ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27465335_web1_220110-Impress-VNE-BerwickHouse-seniors_1-300x200.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 423db23bb2f572f66b990e1f00b57fbf2c4e7ce4218e55b9e02aed41d9460fd6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Mon, 10 Jan 2022 14:01:12 GMT
server: NetDNA-cache/2.2
etag: "61dc3c28-596e"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 22894
expires: Thu, 10 Feb 2022 10:11:11 GMT

GET
H2 200 27809465_web1_220112-LAT-TruckDoughnuts3-300x200.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 18 KB
18 KB 32ms
27ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27809465_web1_220112-LAT-TruckDoughnuts3-300x200.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9a56a80cfbd87bcd83879b36aa8ed431326879e2463b4e4652377f44b1f622ff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Wed, 12 Jan 2022 22:41:44 GMT
server: NetDNA-cache/2.2
etag: "61df5928-461a"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 17946
expires: Sat, 12 Feb 2022 15:21:29 GMT

GET
H2 200 27787794_web1_20220111110120-61ddaedf2a68d7f8ab2a97e0jpeg-300x200.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 15 KB
16 KB 34ms
29ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27787794_web1_20220111110120-61ddaedf2a68d7f8ab2a97e0jpeg-300x200.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5c1def94c2e6b1052c5c23e8fef1791e4c4d6e32d82603cfcab9889985aa0416

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Tue, 11 Jan 2022 19:25:35 GMT
server: NetDNA-cache/2.2
etag: "61ddd9af-3d1b"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 15643
expires: Sat, 12 Feb 2022 04:14:43 GMT

GET
H2 200 27777366_web1_2022011012014-61dc67ca9a67c0b7cdc6eb92jpeg-300x201.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 7 KB
7 KB 42ms
37ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27777366_web1_2022011012014-61dc67ca9a67c0b7cdc6eb92jpeg-300x201.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 91e440c12bc7ab89da456af7977a7822d5ed0530cba7cfc606d46ec53ef11807

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Mon, 10 Jan 2022 22:16:12 GMT
server: NetDNA-cache/2.2
etag: "61dcb02c-1c05"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 7173
expires: Thu, 10 Feb 2022 10:11:11 GMT

GET
H2 200 27763719_web1_220103-SFE-TELESCOPE_1-300x200.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 27 KB
27 KB 43ms
39ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27763719_web1_220103-SFE-TELESCOPE_1-300x200.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 5f05a0a756f162def9263e564d58b33b32f65815ad59a320cd975bba0b49bff0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Sat, 08 Jan 2022 21:31:10 GMT
server: NetDNA-cache/2.2
etag: "61da029e-6b5a"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 27482
expires: Thu, 10 Feb 2022 10:11:11 GMT

GET
H2 200 27815635_web1_180829-LAT-Sandhill-Murrayville-Dev-2_4-640x427.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 109 KB
110 KB 45ms
41ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27815635_web1_180829-LAT-Sandhill-Murrayville-Dev-2_4-640x427.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 7ee7da6701b0e8f97f1e68db244f56f0a449e0db12454ba66e053f9924413833

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Fri, 14 Jan 2022 00:30:58 GMT
server: NetDNA-cache/2.2
etag: "61e0c442-1b4d1"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 111825
expires: Sun, 13 Feb 2022 01:03:17 GMT

GET
H2 200 27815505_web1_220113-VNE-Dandelion-OutreachOurPlace-photo_1-640x427.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 67 KB
68 KB 55ms
51ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27815505_web1_220113-VNE-Dandelion-OutreachOurPlace-photo_1-640x427.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 329db6e8e06675d2772e86e236de8f20081e9d2653c3c64c408464f9e10c34b2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Fri, 14 Jan 2022 00:01:31 GMT
server: NetDNA-cache/2.2
etag: "61e0bd5b-10cdf"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 68831
expires: Sun, 13 Feb 2022 00:19:24 GMT

GET
H2 200 27818265_web1_220113-WLT-JessicaJames-LostCarRescue_2-640x427.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 62 KB
62 KB 360ms
356ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27818265_web1_220113-WLT-JessicaJames-LostCarRescue_2-640x427.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e2e654e5dfb231cf765551a11f9a94cc83c7cc1d7f84fb9d8c119736ab66dc16

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Thu, 13 Jan 2022 20:45:48 GMT
server: NetDNA-cache/2.2
etag: "61e08f7c-f865"
vary: Accept-Encoding
x-cache: MISS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 63589
expires: Sun, 13 Feb 2022 13:44:45 GMT

GET
H2 200 27814461_web1_20220112170136-16f8ff3b-67ea-47bb-97f9-c0f79255eab3-640x438.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 54 KB
54 KB 55ms
51ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27814461_web1_20220112170136-16f8ff3b-67ea-47bb-97f9-c0f79255eab3-640x438.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: e8ee191c185387e7f19f53cc190439cb23988dc2033b6249cf3b479c4c0f6e8e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Thu, 13 Jan 2022 19:15:06 GMT
server: NetDNA-cache/2.2
etag: "61e07a3a-d70d"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 55053
expires: Sun, 13 Feb 2022 07:28:24 GMT

GET
H2 200 27815361_web1_220120-SNM-Prize-Home-Sooke-PHOTO_1-640x431.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 57 KB
58 KB 55ms
51ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27815361_web1_220120-SNM-Prize-Home-Sooke-PHOTO_1-640x431.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9441affa4466bff426b0a969690d957f24719bfd7aa82ef64e35f1998b2c8c42

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Thu, 13 Jan 2022 21:30:26 GMT
server: NetDNA-cache/2.2
etag: "61e099f2-e4b7"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 58551
expires: Sat, 12 Feb 2022 21:34:03 GMT

GET
H2 200 27788712_web1_220111-PNR-ElkLakeFundraiser-Gentina_1-640x427.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 30 KB
31 KB 55ms
52ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/27788712_web1_220111-PNR-ElkLakeFundraiser-Gentina_1-640x427.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 6cc854ff3b583e13e71d5c9256e5d17ccc3fdf7f00d6e411c2616de7521743c6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
last-modified: Thu, 13 Jan 2022 13:31:15 GMT
server: NetDNA-cache/2.2
etag: "61e029a3-79b0"
vary: Accept-Encoding
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 31152
expires: Sat, 12 Feb 2022 13:56:19 GMT

GET
H2 200 Y3Y7V7G8-20220103135525-200x300.png
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/ 96 KB
97 KB 360ms
357ms Image
image/png 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2022/01/Y3Y7V7G8-20220103135525-200x300.png
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 20fdddd8c2a961b332d320c3c73e85b7205a2ca4b092779182765f8a366e7311

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Mon, 03 Jan 2022 22:04:50 GMT
server: NetDNA-cache/2.2
etag: "61d37302-180fa"
vary: Accept-Encoding
x-cache: MISS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000, public, max-age=31536000
accept-ranges: bytes
content-length: 98554
expires: Sun, 13 Feb 2022 13:44:45 GMT

GET
H2 200 R1K4T3K6-20211228093923-200x300.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2021/12/ 17 KB
18 KB 388ms
385ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2021/12/R1K4T3K6-20211228093923-200x300.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 704d7984728cfb2ad19277a3646524d8b698bc2500faefc3b7c18ccb12c875e2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Sun, 09 Jan 2022 07:12:26 GMT
server: NetDNA-cache/2.2
etag: "458b1ec4209e6cbfe2ed8183fb894985"
x-cache: MISS
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 17659
expires: Sun, 13 Feb 2022 13:44:45 GMT

GET
H2 200 G9X2I6V3-20211201110215-200x300.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2021/12/ 9 KB
10 KB 366ms
363ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2021/12/G9X2I6V3-20211201110215-200x300.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 18d6f0ef68a5d7579b70dc822677d2c6517f0773a0d51707535c00a43bc848fa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Mon, 13 Dec 2021 07:12:00 GMT
server: NetDNA-cache/2.2
etag: "e9931adea3d2596253068d6f6259b174"
x-cache: MISS
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9635
expires: Sun, 13 Feb 2022 13:44:45 GMT

GET
H2 200 B9I3D9D3-20211008165740-198x300.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/ 14 KB
14 KB 389ms
386ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2021/10/B9I3D9D3-20211008165740-198x300.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 9abccc1d5a6ece20fd8459287221f1a50069efc85c38301ef9dc036b093153fa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Wed, 20 Oct 2021 07:11:39 GMT
server: NetDNA-cache/2.2
etag: "e14b1f48979357ec9f0d5564fa61b48f"
x-cache: MISS
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14479
expires: Sun, 13 Feb 2022 13:44:45 GMT

GET
H2 200 P1G6Q7S8-20210916100612-200x300.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2021/09/ 9 KB
9 KB 359ms
357ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2021/09/P1G6Q7S8-20210916100612-200x300.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: c393bbf55a3f5fdc1b55641aef28ae5fb710e79591827b2aa260fd8d83fbdec6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Tue, 28 Sep 2021 07:13:03 GMT
server: NetDNA-cache/2.2
etag: "c975ed724cad674985bf33a61daeb424"
x-cache: MISS
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9046
expires: Sun, 13 Feb 2022 13:44:45 GMT

GET
H2 200 N2T2J0O2-20210707131628-237x300.jpg
4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2021/07/ 13 KB
13 KB 388ms
386ms Image
image/jpeg 94.31.29.99
HIGHWINDS2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com/wp-content/uploads/2021/07/N2T2J0O2-20210707131628-237x300.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 94.31.29.99 , United Kingdom, ASN33438 (HIGHWINDS2, US),
Reverse DNS: 94.31.29.99.IPYX-077437-ZYO.above.net
Software: NetDNA-cache/2.2 /
Resource Hash: 2963fd2b223f81b04ccf95ef0e14340fd0e5a97edbe6ad856b7f01e9b6870293

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Mon, 19 Jul 2021 07:14:02 GMT
server: NetDNA-cache/2.2
etag: "2e84d563cb736256422a747cd988caac"
x-cache: MISS
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13476
expires: Sun, 13 Feb 2022 13:44:45 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 297ms
93ms Image
image/gif 34.235.184.233
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=vicnews.com&p=%2F&u=GqoiXu3qdCWaPHn&d=vicnews.com&g=65935&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=7900&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2414&t=BzjfIRBQjdiFBT2-dWDVP_0RCFnAQJ&V=129&i=Victoria%20News%20%E2%80%93%20Victoria%20News&tz=0&sn=1&sv=CSNILTCIpkchDunrd2D9ZAlRDfovqR&sd=1&im=067b0ffe&_
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.235.184.233 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-235-184-233.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:45 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 44a9c9c40f9bdfab1e71181bd26c6c2f148883b3_logo.png
media.volinspire.com/images/44/a9/c9/ 12 KB
13 KB 442ms
362ms Image
image/png 2606:4700:3030::ac43:8fe0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.volinspire.com/images/44/a9/c9/44a9c9c40f9bdfab1e71181bd26c6c2f148883b3_logo.png
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8fe0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d6989cd58600aba8e1458903ffeba2247469ad439338a8be655833bdaffce84

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: QKAY7RMKQ1WF9ABS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12371
x-amz-id-2: /o0KS9PNRAd8y2HA97iMW73Uaf7WNJ7F8r0c+WyHj5eH2Iu/jcF00pQIV/JTmILgV9cxqXVkAkM=
last-modified: Fri, 05 Nov 2021 18:02:09 GMT
server: cloudflare
etag: "30a284dd3bb4e9c3408f388a0e4006b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mVxxZb2QjXKJFMgw6nWcxPj%2FjPrDaqmmYgDLUxDRJF74ohrgUoIbRCygjeVH2NYAIeJBa3htT6%2BRKxB8S8o%2B%2F3sJgcrpGmYxQYH24u1Q30rU8j68W0b%2FcN3l45wMP3xvpSg42zE1Rtziw%2F5c6yrZKmyq7g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cd74d00f9d27556-LHR

GET
H2 200 712d95cd1975464165a67216076fe795c491e308_logo.png
media.volinspire.com/images/71/2d/95/ 20 KB
21 KB 110ms
30ms Image
image/png 2606:4700:3030::ac43:8fe0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.volinspire.com/images/71/2d/95/712d95cd1975464165a67216076fe795c491e308_logo.png
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8fe0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c8ecde52241236d3d6616c649c14b4e9ca296acdc1fa62b34df89d1e5faa628

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3641
cf-ray: 6cd74d00f9d67556-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 20457
x-amz-id-2: 1/EGf6nAu9+wvbcl+1DuoU0PbTHaRI36gzRZLUHmxAQYXUHOqz+8CxH5bfhYAg6t+ZS2O9PrriQ=
last-modified: Thu, 10 Sep 2020 18:17:12 GMT
server: cloudflare
etag: "edda04396f4c88efc51bab86e2379eb3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Hi1Wx%2BI%2FDuDurYr78fIw4fmoKadqJKYPJk%2Bp9rMZqv3%2BBQcGn45Ju9pCQ7LjnoNTtDzn8ro%2BQoT1mbz%2BlpSbOHLYq4O7uUU9nqpeKFPKHi7brCpco9TIPojjlWyowSosqR5p1rz17lcdlhMNYSLmnKILw%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 737MBPJK2SD9EXF5
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 98c68f49a1bee6b31c29ddd9d7ff2c58b3cdee28_logo.png
media.volinspire.com/images/98/c6/8f/ 11 KB
11 KB 113ms
34ms Image
image/png 2606:4700:3030::ac43:8fe0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.volinspire.com/images/98/c6/8f/98c68f49a1bee6b31c29ddd9d7ff2c58b3cdee28_logo.png
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8fe0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1ab6d73a7b152e1375c3856f8b358cb56c5ebdff8f2c8283008ee7ec4374bc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3641
cf-ray: 6cd74d00f9dd7556-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11178
x-amz-id-2: xlzDlD2vC5jJrURav8gyPu/VlmJ4+pWpL8uWjtyAkXmLirftEkdxX4OnPnsD4dI9c0nWC85+weU=
last-modified: Wed, 18 Aug 2021 18:19:30 GMT
server: cloudflare
etag: "118d197e3aab833cb795596b5d9e7e71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qhaYFbeJMX6l5gAdLMMzPm4Kgd%2F5D41QxTbn6UtC6J5PnuiYExUeZ4MYxPXhwKTd0V8zd148g1OLKhJ3nhSXjlv2Bdt1vK0zzDToSluNPwvYnsZtWY5QaiBOn3eWtOuuRvz834cdvk0SrhyGCTN12kp5UA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: 737YGXH980Q9Y94F
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 cd65ed58020dc1d64b837e90da4a155fe5d5359d_logo.png
media.volinspire.com/images/cd/65/ed/ 9 KB
9 KB 435ms
356ms Image
image/png 2606:4700:3030::ac43:8fe0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.volinspire.com/images/cd/65/ed/cd65ed58020dc1d64b837e90da4a155fe5d5359d_logo.png
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8fe0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 573b7f293fa9030abbea24db9fe6f9b69e4ee6cf2ebcd68b061429d7c96099fa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 2QQAYHZHEC00TGV9
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 8758
x-amz-id-2: ZQcIyNhfhz0/vzfF9cRgrw6HnHrACtiraWTbYvGEqP9h7fLFrdnovaeLmyZ5/BUcfEzuMaXYUHE=
last-modified: Fri, 03 Sep 2021 00:35:41 GMT
server: cloudflare
etag: "cb627935e1f07f66777865f0b15f4582"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fq9JzRH4v9mW%2BrYMo4yy%2FhK4IoL91Ct7tAGRdEki1kvExmDv8Sl6zlaXqaIQw8Uzei1IAAfIfoaURME2XpqRDVSYjRfvDnWp1Ni1gLmrSibekPuW%2BWXKMkTtrYe4X6rR47BAOU3azg2JO6nu745w24aYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cd74d00f9df7556-LHR

GET
H2 200 b3bfed913461fe96df232313aa6416655b224269_logo.png
media.volinspire.com/images/b3/bf/ed/ 43 KB
44 KB 444ms
365ms Image
image/png 2606:4700:3030::ac43:8fe0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.volinspire.com/images/b3/bf/ed/b3bfed913461fe96df232313aa6416655b224269_logo.png
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8fe0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4004064d3e44de7a73afe914870f5ea72e5d2bfcf228c6316e97b6359e24207

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: Y7PMPHEJD1ZNE0YP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43924
x-amz-id-2: lfTgLLbQgFL9bFYy8yxQ/BHkJt9UQWq7iTtS05w5r6+KXwZz6V02N1pFYgRab5QyDvMmmz7Faqk=
last-modified: Tue, 01 Sep 2020 21:52:49 GMT
server: cloudflare
etag: "44d994b560f6ade03618a9c77757366a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ecCzY%2FumdvJgBgfaZ3p34Sg%2Fuc4Z1yeKe0NwDjOqYKS6fYTTiXyhgRf7cVmvvrdeVN0J5Rjh63cKyjpuEQFxMbtqxCZpIzYp4PDUQEQgETeHuHGgNQsc5WNa8bQvW%2F%2BODvI8mPjokkP6o2vdIe8MDpFrjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cd74d00f9e17556-LHR

GET
H2 200 f23a4b3d8c1ff9f208c7d9d11d48f78f8627e806_logo.png
media.volinspire.com/images/f2/3a/4b/ 7 KB
8 KB 112ms
33ms Image
image/png 2606:4700:3030::ac43:8fe0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.volinspire.com/images/f2/3a/4b/f23a4b3d8c1ff9f208c7d9d11d48f78f8627e806_logo.png
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3030::ac43:8fe0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7cf8038cdcb3a550073aab5fe3af30ce5a1d5c177758dbbd5e30810e57016c13

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3641
cf-ray: 6cd74d00f9e47556-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7314
x-amz-id-2: LJpkqBSJxGZK3Fk3n5RbJsKlti7Uewh9a8xdXk+LWzxYxvc+6dnq6mp7qadfLlSubIqASfDd9Ds=
last-modified: Fri, 19 Nov 2021 18:18:19 GMT
server: cloudflare
etag: "c5e6d2887b6dee0d3360b9489ce5f5c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vCW%2FSvbn70qKydSlLhI%2FJRWHfBSmFmFoAo43r%2BQ0c0QPAb6LAz2UmDvJKhJPkNyDcL%2FRugXwWt2AZS%2BFkFZv88d4N%2BislkNBlP7vBLxd0TpXqWz6bfOotyNKwdtfexnEPb%2BN7YhaqFPPsl7%2FQAYSXjtRGA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: P5G5F24KP6QAKR48
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/png

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 2612 107 KB
28 KB 138ms
37ms Script
application/javascript 2600:9000:223e:200:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50398432a2d90d30daa833b7d1ed29b8c56fcc046e83b8b03eed15d29fca6546

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: j9M12Xkjn0RRMQduYfejs3OLZnrqMUK9
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 22:39:34 GMT
server: AmazonS3
age: 2851
etag: W/"d570249b7291765cd4baadf0c83d208c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 14 Jan 2022 12:57:15 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 7l4FSyqTuevPTB3n2bIl59OhWoDiuG3rsN_TtocWUdNLXNS7Q8BWXw==

GET
H/1.1 200
OK freeskreen.min.js Show response
static.freeskreen.com/ba/110/ Frame 2612 23 KB
9 KB 119ms
36ms Script
text/javascript 13.32.99.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.freeskreen.com/ba/110/freeskreen.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.68 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-68.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b4e4b5f8411a34d61a21827a8d3c221821e3a938f87e6c49af63b5fef34976c3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: .M5FsrHFr0aUvyoCgZifFHOBs6Jq7KEY
Content-Encoding: gzip
Last-Modified: Fri, 01 May 2020 19:16:19 GMT
Server: AmazonS3
Age: 33329
ETag: "1d9a288d146d1493fbac48833833a135"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
Connection: keep-alive
Date: Fri, 14 Jan 2022 05:50:40 GMT
X-Amz-Cf-Pop: FRA60-P3
Accept-Ranges: bytes
Content-Length: 8724
X-Amz-Cf-Id: -A3sW9RuGMYJvcIYLygMBvZHjm9a9Fg9hLfzZA-f98yL-qS49qzDKQ==

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2612 121 KB
37 KB 99ms
54ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 13:44:44 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 70DB 232 B
448 B 185ms
127ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=01631fc7755b74ff638d2e577d3cba37e247d470

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.e37c957bd3ae00473b95800b99e19cff.html?origin=https%3A%2F%2Fwww.vicnews.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-response-time: 105
date: Fri, 14 Jan 2022 13:44:44 GMT
content-encoding: gzip
last-modified: Fri, 14 Jan 2022 13:44:45 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 27d22918ed3baf203f7400faa9db5ba979ff30ede6b1b7ff4a26914885de6b5f
content-length: 166

GET
H2 200 07-xl.png
vortex.accuweather.com/adc2010/images/icons-numbered/ 35 KB
36 KB 34ms
34ms Image
image/png 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vortex.accuweather.com/adc2010/images/icons-numbered/07-xl.png
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6f1c3f7105f5f92d49b7e0102a29617d715788ac9e882bb0fe1ceefffa64a67b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Fri, 22 Jan 2010 17:09:50 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "083d0b4859bca1:0"
content-type: image/png
cache-control: max-age=31536000
servername: origin-v02
accept-ranges: bytes
content-length: 36111

GET
H2 200 07-t.png
vortex.accuweather.com/adc2010/images/icons-numbered/ 4 KB
4 KB 37ms
37ms Image
image/png 104.111.214.80
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://vortex.accuweather.com/adc2010/images/icons-numbered/07-t.png
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.214.80 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-214-80.deploy.static.akamaitechnologies.com
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ce547e85d9ea981e3853a34f1584d1a855586695f4beb79abd63d771820e1708

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
last-modified: Fri, 22 Jan 2010 17:09:50 GMT
server: Microsoft-IIS/8.5
x-powered-by: ASP.NET
etag: "083d0b4859bca1:0"
content-type: image/png
cache-control: max-age=31536000
servername: origin-v02
accept-ranges: bytes
content-length: 3743

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 40ms
39ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1962656279&t=pageview&_s=1&dl=https%3A%2F%2Fwww.vicnews.com%2F&dp=%2Foap-weather-widgets%2Fcurrent&ul=en-us&de=UTF-8&dt=Victoria%20News%20%E2%80%93%20Victoria%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEABCAAAAC~&jid=37418331&gjid=530464019&cid=1888553978.1642167884&tid=UA-31945348-1&_gid=141747012.1642167884&_r=1&_slc=1&cd1=OAP_Weather_Widgets&cd2=www-vicnews-com&cd3=accuweather&cd4=OAP_Widget_current&cd5=1&z=693989942

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vicnews.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame 2612 9 B
587 B 195ms
132ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=559248
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXQOBsO48wrRqr3Ch6W1gNNfyVAzA9sJFybObRDFbvtG1A3JxuwUQJspZjh9fwGIoTRl94txPFsIXXjvaqdSaoiRIWzcpujsXfGrg7L0sXV9wLOy7KR6F%2BMw%2F5Le6SfW5ecUWH%2FGf03E13jErhkQ0M9huw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6cd74d021dac887a-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2612 0
0 72ms
71ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWSKJ1LOmnK-1IahnL6Eq-_ro9dLKnIzIlmHomO816sR9LVtM9UDZ_ZaesRt_TX6qfnfotIVx-TkoSHsmFV55z89UXszj3VxJKUQ7XAjoGXmctBUcfByqqna3to9yELDYNUW11iNnRtUv7cvrNOO1G8IvFKPSKCH4uWSJJKjuiVbDmhVpfg7gazLWbiKipcXNxaAwRX2j568CCoQRYSWZ2V_EtrllRkdADh3THYGy4bHDEQk0b7Cn1pvvUQeIaJFst8Dc2akyKuZlJpmq6i9lNbkFIcS7VutS8UePdaDiKa24A2VWkicPscg&sai=AMfl-YTPXqnPV2b7EIDlUpmx7qk20dq__WYOdgqdmdBqQW_qnRSFF99X2VwqrAsFvmbiHxd81yAMdyDeHs1-q-LYwJKurQVOoXmRkOpKycIH&sig=Cg0ArKJSzBpaANed98O2EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 14 Jan 2022 13:44:45 GMT

GET
H2 200 script.js Show response
sb.freeskreen.com/publisher/ 86 KB
23 KB 796ms
711ms Script
text/html 18.66.122.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.freeskreen.com/publisher/script.js?bai=110&ut=&uts=&p_cust_params=section%253Dros%252Chome%2526site%253Dvicnews.com&flc=&slc=&windowlocation=https%3A%2F%2Fwww.vicnews.com%2F&gdpr=-1&cs=-1
Requested by: Host: static.freeskreen.com
URL: https://static.freeskreen.com/ba/110/freeskreen.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-126.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b2526f7e64586dd414f1a6c6457a7706442bc460e2f34d1af71c5e0b7d4f70c5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:45 GMT
content-encoding: gzip
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P2
vary: Accept-Encoding
x-cache: Miss from cloudfront
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
cache-control: no-cache, no-store, must-revalidate
content-type: text/html;charset=UTF-8
content-length: 22475
x-amz-cf-id: TyZeU9oxZLenuDs1h_iWOCtwft1Mp_0CRoKzCHz8LqWtT3BwlQZHbg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 2612 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ad85393e2919649ed19644d46e14c7d5593ca87c12c18b0a3dc1b9fc7e6608f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
28 B 56ms
27ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-31945348-1&cid=1888553978.1642167884&jid=37418331&gjid=530464019&_gid=141747012.1642167884&_u=QACAAEAACAAAAC~&z=1500554377

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.vicnews.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 Jan 2022 13:44:45 GMT
content-type: text/plain
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 notorious-dsg.ttf
files.dosomegood.ca/fonts/platform/ 48 KB
49 KB 121ms
49ms Font
binary/octet-stream 2600:9000:2240:4800:16:8147:1b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://files.dosomegood.ca/fonts/platform/notorious-dsg.ttf?v=1.1
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2240:4800:16:8147:1b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bdadf8a69fb9e2f22a8e2e703f4aa5e78fb6477d5a873b89a8d0352ab37886e

Request headers

Referer: https://www.vicnews.com/
Origin: https://www.vicnews.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 02:22:56 GMT
via: 1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
vary: Origin
age: 40910
x-cache: Hit from cloudfront
content-length: 49404
last-modified: Fri, 13 Aug 2021 17:18:32 GMT
server: AmazonS3
etag: "7c050ded22c730656b267778aeed0558"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: binary/octet-stream
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P1
accept-ranges: bytes
x-amz-cf-id: d4T3izV9rdIE9nELAW2OMEpdz9aLQeKBUiuCQedmlWozolN5_dslDw==

GET
H2 200 vBKRNrKn2Ss Show response
www.youtube.com/embed/ Frame A648 57 KB
24 KB 169ms
93ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed

Requested by

Host: files.dosomegood.ca
URL: https://files.dosomegood.ca/scripts/p/w/dsgw.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6984d9bd1e6367baff7e688d1b6d970ba7fef890ae81c6faa41950c3531e5143

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 14 Jan 2022 13:44:45 GMT
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"
report-to: {"group":"ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA_aXV-idIZ-e5x1JSbJUg8hfAx2dSl3lQ"}]}
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en-GB for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 hqdefault.jpg
i.ytimg.com/vi/vBKRNrKn2Ss/ 17 KB
18 KB 135ms
43ms Image
image/jpeg 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/vBKRNrKn2Ss/hqdefault.jpg

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1362f0a857751cdedba4addcf37faf123fc9044cf8949d3ec09ae8ddb5f83df3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17539
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=300
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Jan 2022 13:49:45 GMT

GET
H3 200 31033a6532a1fd670cc2f4205dd8c5960335c1a4_logo.png
media.volinspire.com/images/31/03/3a/ 30 KB
31 KB 410ms
381ms Image
image/png 2606:4700:3030::ac43:8fe0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.volinspire.com/images/31/03/3a/31033a6532a1fd670cc2f4205dd8c5960335c1a4_logo.png
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8fe0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 127be23a0e604312a0bb1306cc3d4974ca29084e2f979f12e679b1103dae3cfa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: CQW9W5THG0RRDFR5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30989
x-amz-id-2: w1SI+vgfCs/V+6pYJEA9IsmSI9+LLqZO70UmekLKj8QpU2mAb3Nr7JNtVVt/1YQ1RqVjt3/ZXeo=
last-modified: Fri, 08 Jan 2021 16:18:36 GMT
server: cloudflare
etag: "cc6fad683234d617542d44f75f7b2658"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n82DXgML7oXao7WTy3x0L%2BB0Qo5mRVkkSr264s9iXkFju5P5iaohDBnWo4ZXJgssjFx%2B7eLvQHqv2xWyYfqe5h5nRnZ1rdmXkIGz%2Fx2JqwuHwZw6tbGWJTimaY9UtzgSFcVHLaGVYWu6%2Bb%2FBxkZwe8LZYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cd74d04bd7f88b0-LHR

GET
H3 200 12c034a4250a454a0c7a9b8059f9a2c60d5af9fe_medium.jpg
media.volinspire.com/images/12/c0/34/ 56 KB
56 KB 60ms
31ms Image
image/jpeg 2606:4700:3030::ac43:8fe0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.volinspire.com/images/12/c0/34/12c034a4250a454a0c7a9b8059f9a2c60d5af9fe_medium.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8fe0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2c2a6d3a2fc0da56714a8ddd0c530f8da500f5520da2d5bbafec8dfe4d76e44

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6748
cf-ray: 6cd74d04bd7c88b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56898
x-amz-id-2: KYaLTml4cBsTyQYmS82DasCNrsrrV77/XGmIwiNpONqD35F5z0phwl4WqtXvi7RgCXxAeOk778s=
last-modified: Thu, 13 Jan 2022 21:23:09 GMT
server: cloudflare
etag: "92981eadcf0d693ee286900b6a5db625"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KsFa7Ms03ZjslONkudMG0pKkwQX8oeLsOW%2FIKlJjpWY7LRmfKLGvBhuWrpMilATsQhglLXGZvkwNCS6htLHc0fp1GqY6Kqgv7qmz5a%2BCX6s%2B0HecLHfaNpX56BkQrEzzOcirmSa88aP5JjvIs1deSULYkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: KNA9BJCRNY06VFS9
cache-control: max-age=14400
accept-ranges: bytes
content-type: image/jpeg

GET
H3 200 7e61344d05d84c95fbdeb10c0a8b33974df32bad_medium.jpg
media.volinspire.com/images/7e/61/34/ 77 KB
78 KB 379ms
351ms Image
image/jpeg 2606:4700:3030::ac43:8fe0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.volinspire.com/images/7e/61/34/7e61344d05d84c95fbdeb10c0a8b33974df32bad_medium.jpg
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3030::ac43:8fe0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 372fd1cec3b746a49f8224d6b19e0270dbded9c18507749962cf404d515a5944

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 1YX3VWY7KCYQAZQR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78809
x-amz-id-2: ZjXtlB0OlOWOD7vW4ypnFhPCUTJWl9jRv2KmRFaqpuwdBa6gxNjhrYyH+h4Jc8xyDAJBhFyAsAs=
last-modified: Thu, 13 Jan 2022 19:41:43 GMT
server: cloudflare
etag: "fe3a2bbd108cdc228f77dabdb195f68e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=va%2B9HRClMRPKxeKD89Pwe1iZ%2FKzYYf%2BXvMKKaEcdGzgmzeZdz6GdvknCp4YX4ZlGuGnC3%2B8s8HFu4bLHk4W%2BuBuAEd5MudkhK7mE1aG%2FvZarc1CgQmNdKLEmB3fu3weRM6xzh%2Bf8gx7Dou3FXp5Giht5Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6cd74d04bd7888b0-LHR

GET
BLOB 200
OK 1f2520ea-be6c-419c-8e9c-139d6f5b4c49
https://www.vicnews.com/ Frame 2612 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.vicnews.com/1f2520ea-be6c-419c-8e9c-139d6f5b4c49
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf39525e3f021f8ee678d293c118f8cd7bd2459d505ed31782655f907533fc1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3 200 container.html Show response
a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0EE8 6 KB
3 KB 78ms
36ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 14 Jan 2022 13:44:44 GMT
expires: Sat, 14 Jan 2023 13:44:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7FBC 6 KB
3 KB 74ms
38ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 14 Jan 2022 13:44:44 GMT
expires: Sat, 14 Jan 2023 13:44:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame E757 107 KB
28 KB 38ms
37ms Script
application/javascript 2600:9000:223e:200:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50398432a2d90d30daa833b7d1ed29b8c56fcc046e83b8b03eed15d29fca6546

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: j9M12Xkjn0RRMQduYfejs3OLZnrqMUK9
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 22:39:34 GMT
server: AmazonS3
age: 2851
etag: W/"d570249b7291765cd4baadf0c83d208c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 14 Jan 2022 12:57:15 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: YQGAbSqDB5RfUtpjo-XdD8KOTNyoBVz45IlzqNFZVrABMco60-VgHw==

GET
H2 200 15533182364935006600
tpc.googlesyndication.com/simgad/ Frame E757 51 KB
51 KB 111ms
34ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15533182364935006600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ddf297c6ba76d1ac0567ba625106e8d60fc34429fd90791a8f400d489d69e2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 10:43:10 GMT
x-content-type-options: nosniff
age: 97295
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52081
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 19:44:16 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 13 Jan 2023 10:43:10 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/ Frame E757 2 KB
2 KB 110ms
33ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 34
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:44:11 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E757 121 KB
37 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 13:44:45 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E757 0
0 89ms
44ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9Ke52Pot5Wne9-yUqi0f-Un43O8IJbAKGvh1V8ryxwLpWXDvXZAuRZYUvLVPyE8nB9EK6ta8JonANNOFYVcZATD1cuQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 2612 0
0 117ms
74ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss8OsuwkzBQa5TCnUdf3NOGAhkr0ypGi837coHKFD65CTk3tAqzOF_JLQF8B0GwQP_UsnSxx0IU5aOtuqBq4smleTKjfyI9MrscYOnSU0McCEwIS45yXAgPlmEH7qFDonmq5LaDhGnJvWt1ByqMeR55TES5IJqj_sA_w659LZS05Z4lgbhOAP216aC1lQz-8NQRKEE41zyDsX2TVzokrPU-Dp0WNo-reiQK1uIjO8QuSdHtYCKSLUve9jVNdlWMZAFdWLk0vWX90yhViwfqk4GOBWm6j9qvG-kymIrU8EggFHAsn7hTacBTQh0O&sai=AMfl-YTnuqHqm6JWZO0P7ikDzillc2EOk6GDWk_RUR4dhdlw4ml4-SgBCoMe61Cii5xpzKTEHhgKGW9DmFe05bREqB4jT3aUKFbVWeIfS6g2&sig=Cg0ArKJSzOKq0Yy4cY3AEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 14 Jan 2022 13:44:45 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 63ms
58ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31945348-1&cid=1888553978.1642167884&jid=37418331&_u=QACAAEAACAAAAC~&z=437698746

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 100ms
57ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-31945348-1&cid=1888553978.1642167884&jid=37418331&_u=QACAAEAACAAAAC~&z=437698746

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/18da33ed/ Frame A648 340 KB
47 KB 79ms
36ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/18da33ed/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f71e3dfe76ba6bd96a9474751c9baaf5fd53a3ca529cc6dd8bfb2efdfce74e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:46:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79088
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47601
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 01:19:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 15:46:37 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/18da33ed/www-embed-player.vflset/ Frame A648 276 KB
85 KB 76ms
34ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/18da33ed/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfd1c401f85a0fd4319ecc0bcb96ab96857dde344d688d72cdc7a2e76771d2e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87025
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 01:19:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 15:45:42 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/18da33ed/player_ias.vflset/en_GB/ Frame A648 2 MB
536 KB 117ms
76ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/18da33ed/player_ias.vflset/en_GB/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4594261b8eae1780f909ccd0b71e57384c43c5a7467e299ef25b5d33e9063be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:50:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 549166
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 01:19:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 15:50:20 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/18da33ed/fetch-polyfill.vflset/ Frame A648 8 KB
3 KB 113ms
71ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/18da33ed/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 01:19:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 15:45:42 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A648 15 KB
16 KB 114ms
35ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 247084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 17:06:41 GMT

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame E757 9 B
593 B 171ms
121ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=184013
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I0y6m2QKP4VhKlB4%2B30l6iprqPGTY2YKgfm7QGW4mkeaVEy0kFXarTzHzDV3ZEOFKFYyQub1Fv3tVjsqyvleSBJLMYlA3wH4eA%2BgTV0xj4LsJXrzgK3%2FIu%2BRRS2AFkMeToRqcINF4SdYsXicYDPF79R%2BUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6cd74d058f6a71c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E757 0
0 71ms
70ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-uT5UXQFefQSQKvNbxT7Pt8CK7axYq64xfYQXH6uRj39IEh0G2zMw9I2BKlW1cixIseccS6q6A_sOrlqKFtsqat7PiZVEvuYcRpUOMirxmxDYHJ8cGp8HM--F3h5cTqJY7gw6ovByjeXI0DMGW_HV-aibnoTsf1IiwQrmzzingA85j9Nx0s5tSWEBr-1X2GCxMlcGckHaTzrNhdmjG0pOIuoolacURG-uDbkHTRmhGm6sUtknuEaa4xzy7-TQ9k-n6lipb5W7p0g-grh9wXlXOiUX2ntQUqn1RIIaxqLul9Tvmg&sai=AMfl-YST-chdmyTlk7n-boReQTl-Lsm7qaKVIfouwga2r4Otx1djcG4eYdKh1ps1MbT7bDhwTBqluMlxroprm6-DQDKys8Y9Ses20RUuILYjSfTo9hU6h6-BeCo2DQV7_Pw&sig=Cg0ArKJSzPZlKyqa00T7EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame E757 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b5a69c63e50ccb87873ee61f375dd0cd73fd1c2d4c2bfd48f7a6e01c7578f35

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK fa35ff7f-a056-45ee-aa0e-9971dd66c58f
https://www.vicnews.com/ Frame E757 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.vicnews.com/fa35ff7f-a056-45ee-aa0e-9971dd66c58f
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf39525e3f021f8ee678d293c118f8cd7bd2459d505ed31782655f907533fc1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3 200 container.html Show response
a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B8A1 6 KB
3 KB 35ms
35ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 14 Jan 2022 13:44:44 GMT
expires: Sat, 14 Jan 2023 13:44:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 0EE8 107 KB
28 KB 41ms
38ms Script
application/javascript 2600:9000:223e:200:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50398432a2d90d30daa833b7d1ed29b8c56fcc046e83b8b03eed15d29fca6546

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: j9M12Xkjn0RRMQduYfejs3OLZnrqMUK9
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 22:39:34 GMT
server: AmazonS3
age: 2851
etag: W/"d570249b7291765cd4baadf0c83d208c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 14 Jan 2022 12:57:15 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: xILIiG8RxgK2P757lDnoWZtpLYT0qe1TIULZqSx5Fe74aaWlTbHmlw==

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 0EE8 19 KB
8 KB 105ms
57ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:44:38 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0EE8 22 KB
7 KB 81ms
35ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 17:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 10 Jan 2023 17:59:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0EE8 121 KB
37 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 13:44:45 GMT

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 7FBC 107 KB
28 KB 49ms
47ms Script
application/javascript 2600:9000:223e:200:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50398432a2d90d30daa833b7d1ed29b8c56fcc046e83b8b03eed15d29fca6546

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: j9M12Xkjn0RRMQduYfejs3OLZnrqMUK9
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 22:39:34 GMT
server: AmazonS3
age: 2851
etag: W/"d570249b7291765cd4baadf0c83d208c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 14 Jan 2022 12:57:15 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: YxUCzHRxezad_o1BxH1_ns_n0nQVFSD1J4AcmgYB_oqKNhOtv7uKmA==

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 7FBC 19 KB
8 KB 84ms
39ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:44:38 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 7FBC 22 KB
7 KB 90ms
46ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 17:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 10 Jan 2023 17:59:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7FBC 121 KB
37 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 13:44:45 GMT

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame B8A1 107 KB
28 KB 44ms
44ms Script
application/javascript 2600:9000:223e:200:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50398432a2d90d30daa833b7d1ed29b8c56fcc046e83b8b03eed15d29fca6546

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: j9M12Xkjn0RRMQduYfejs3OLZnrqMUK9
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 22:39:34 GMT
server: AmazonS3
age: 2851
etag: W/"d570249b7291765cd4baadf0c83d208c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 14 Jan 2022 12:57:15 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: dopM6YJfRefg1DVKy_pTBv-TLwKxZlCPvk9tBfqsT_S65Ve3d5xlRw==

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame B8A1 19 KB
8 KB 55ms
33ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:44:38 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B8A1 22 KB
7 KB 72ms
50ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 17:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330299
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 10 Jan 2023 17:59:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B8A1 121 KB
37 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 13:44:45 GMT

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame 0EE8 9 B
555 B 124ms
123ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=573971
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hHFKPoHE1rMIJMo%2B0%2FQe00NhMHSSnYWZts3LDchXl5cp7%2Fq%2F3WQfM0Ha2ggP9nO81fAhlbWEq99etFBDtozzlSLxYY5y0YM1jikuS1Nt9s8SxlW59qtOBDTHDVrMtBDYTVG3FMmSJg2QHHsXggO%2Fwzk3w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6cd74d06289e71c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
BLOB 200
OK 8bfba282-28ad-4698-a82a-502dd59889c4
https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/ Frame 0EE8 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/8bfba282-28ad-4698-a82a-502dd59889c4
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf39525e3f021f8ee678d293c118f8cd7bd2459d505ed31782655f907533fc1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E757 0
0 78ms
77ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssGc5sTy_Y9Hh9vKy2HaTSgg6EPliCX-56lMC28_dHRTaHmunuVaENeuFUrq1enrERNjB3k7iAzKdlRXzYeSXuMdavMn4sxk78tVfmUOEx3B8N6nMmTGKNoXfIGFkxLAPBWqjioh5RIk9NCrrWCvR4fYVQS2pJhFeYuZ4nWtvaw8cj69TsQCHNPlMMU1N1arB0ryRJHUvvC_GbjY8-LQZF0jGxketGvW-5saAOcEWA9nFlxzbDicdzpj1kbgV79_wZBrQHxc2J4GuTQJZQWAWlFCyZfNjX-hWZ8w8-hELhnh3YEv4Lw&sai=AMfl-YSTGA8O-WuGkI6_fulJPLa_jY1YrMYNJDM4vj5kYse2yS-zjEpDcxjJ78PzBP-UlXp2yf4c55ploOvnASz8pVrRjRZp-rVNC7lrgHZNjr5v61pUu_lQYPZ-uxBIR7s&sig=Cg0ArKJSzHsMmGJzfbaVEAE&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:45 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 14 Jan 2022 13:44:45 GMT

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame 7FBC 9 B
555 B 119ms
119ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=197799
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4lGlttlI2VKXiTTsktwE85zX7FrPiH%2Bm3dqgXx%2Bg7VUkNTIQP%2B8eOLHIT0218niErdzQWva869mAcYfOmQEaCMafcy4fgDJ46MquZrbIwV1INbCJ7WlcEnLT%2BCKSHl3o1UyJ1N0T5nUUP68F7uZGanXsZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6cd74d0648e971c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame B8A1 9 B
555 B 115ms
115ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=1044853
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oIf4CMgEgzfqqczkj6B2Nh12LwNnKaxHL7ZtPttoWmXwMCmpaAdlvRA9G%2BeiusSH1L0kE2Ls%2FTgLevyTsATglkJngPMheWmb1%2BfuflzulP7gZ9dpdvTk69S4iFHz3ZpCJWjR%2FwEZGAjYEavMcHDO9wZEyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6cd74d06693b71c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
BLOB 200
OK d895825d-8370-4bfa-b6df-02c5cca87abb
https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/ Frame 7FBC 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/d895825d-8370-4bfa-b6df-02c5cca87abb
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf39525e3f021f8ee678d293c118f8cd7bd2459d505ed31782655f907533fc1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
BLOB 200
OK ddd9ff9e-3b6c-4542-953c-97efb8645c59
https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/ Frame B8A1 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/ddd9ff9e-3b6c-4542-953c-97efb8645c59
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf39525e3f021f8ee678d293c118f8cd7bd2459d505ed31782655f907533fc1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 7FBC 109 KB
38 KB 112ms
36ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
Origin: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 07:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jan 2022 07:34:55 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame B8A1 109 KB
38 KB 124ms
73ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
Origin: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 07:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jan 2022 07:34:55 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 0EE8 109 KB
38 KB 127ms
99ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
Origin: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 07:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jan 2022 07:34:55 GMT

GET
H/1.1 200
OK ac Show response
ww1772.smartadserver.com/ 212 B
488 B 114ms
30ms Script
application/javascript 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww1772.smartadserver.com/ac?pgid=662773&insid=7974420&tmstp=6961798723&out=js
Requested by: Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=110&ut=&uts=&p_cust_params=section%253Dros%252Chome%2526site%253Dvicnews.com&flc=&slc=&windowlocation=https%3A%2F%2Fwww.vicnews.com%2F&gdpr=-1&cs=-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 461b345c9be55a5a6d0a2b3c9b39b060cdd4d5c7bff2c410b3c6f8b77f17cb25

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:45 GMT
content-encoding: br
vary: Accept-Encoding
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
x-smrt-i: 7974420
cache-control: no-cache,no-store
transfer-encoding: chunked
content-type: application/javascript; charset=UTF-8

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame FE53
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=123456&endpoint=us-west
https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west

281 B
554 B

118ms
39ms

Document
text/html

23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Requested by: Host: sb.freeskreen.com
URL: https://sb.freeskreen.com/publisher/script.js?bai=110&ut=&uts=&p_cust_params=section%253Dros%252Chome%2526site%253Dvicnews.com&flc=&slc=&windowlocation=https%3A%2F%2Fwww.vicnews.com%2F&gdpr=-1&cs=-1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "402b2-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 14 Jan 2022 13:44:46 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
date: Fri, 14 Jan 2022 13:44:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H/1.1

200
OK

getuid
sync.smartadserver.com/
Redirect Chain

https://sync.smartadserver.com/getuid?url=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fsa%3D%5Bsas_uid%5D
https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1

0
75 B

118ms
118ms

Image
text/plain

199.187.193.166
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.smartadserver.com/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: HTTP/1.1
Server: 199.187.193.166 , Canada, ASN47043 (SMARTADSERVER, CA),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-length: 0

Redirect headers

location: https://sync.smartadserver.com:443/getuid?url=https://sb.freeskreen.com/um?sa=[sas_uid]&cklb=1
pragma: no-cache
date: Fri, 14 Jan 2022 13:44:45 GMT
cache-control: no-cache,no-store
content-length: 0
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

GET
H2

200

verify
scm.publishers.tremorhub.com/pubsync/
Redirect Chain

https://scm.publishers.tremorhub.com/pubsync?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D

43 B
182 B

95ms
94ms

Image
image/gif

2600:1f18:612b:4200:2a91:c38f:5261:5805
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scm.publishers.tremorhub.com/pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Server: 2600:1f18:612b:4200:2a91:c38f:5261:5805 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

location: pubsync/verify?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Ftlr%3D%5Btvid%5D
date: Fri, 14 Jan 2022 13:44:46 GMT
server: Apache-Coyote/1.1
content-length: 0
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

GET
H2

200

um
sb.freeskreen.com/
Redirect Chain

https://cs.admanmedia.com/sync/smaato?redir=https%3A%2F%2Fsb.freeskreen.com%2Fum%3Fac%3D{$UID}
https://sb.freeskreen.com/um?ac={$UID}

43 B
580 B

60ms
58ms

Image
image/gif

18.66.122.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.freeskreen.com/um?ac={$UID}
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Server: 18.66.122.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-126.fra60.r.cloudfront.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:46 GMT
via: 1.1 1662abbf731d8832e73c83b2467e7f38.cloudfront.net (CloudFront)
server: Apache/2.4.29 (Ubuntu)
x-amz-cf-pop: FRA60-P2
x-cache: Miss from cloudfront
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI INT DEM STA PRE COM NAV NOI DSP COR"
cache-control: no-cache, no-store
content-type: image/gif
content-length: 43
x-amz-cf-id: cZHHibkdAbbtK2WS9YB4JBRqRzwEs8zZyb16fS0hMiVDfyDmdTEoPg==
expires: -1

Redirect headers

Location: https://sb.freeskreen.com/um?ac={$UID}
Date: Fri, 14 Jan 2022 13:44:46 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H2 204 /
loadeu.exelator.com/load/ 0
324 B 134ms
35ms Image
text/plain 34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadeu.exelator.com/load/?p=204&g=1300&j=0
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:45 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 id Show response
googleads.g.doubleclick.net/pagead/ Frame A648 113 B
723 B 123ms
42ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/18da33ed/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0aee472aeb8982d5544128d163abd9db0d7facfbf76ecaedf190575da24250b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A648 29 B
587 B 112ms
34ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/18da33ed/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:42:14 GMT
x-content-type-options: nosniff
age: 152
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 14 Jan 2022 13:57:14 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/18da33ed/player_ias.vflset/en_GB/ Frame A648 94 KB
29 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/18da33ed/player_ias.vflset/en_GB/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/18da33ed/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e85af39defda4c9dad2c748e5be91e6d992d6bb3a714ed314e4280c06f2cb68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:53:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29690
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 01:19:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 15:53:39 GMT

GET
H3 200 A9OLVNyroQ2GrLEF8Q_npqdPaTWSHZLYn10ZZfowTYg.js Show response
www.google.com/js/th/ Frame A648 35 KB
13 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/A9OLVNyroQ2GrLEF8Q_npqdPaTWSHZLYn10ZZfowTYg.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/18da33ed/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03d38b54dcaba10d86acb105f10fe7a6a74f6935921d92d89f5d1965fa304d88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 06:10:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 200082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13415
x-xss-protection: 0
last-modified: Tue, 21 Dec 2021 11:30:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:10:03 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/18da33ed/player_ias.vflset/en_GB/ Frame A648 26 KB
7 KB 35ms
35ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/18da33ed/player_ias.vflset/en_GB/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/18da33ed/player_ias.vflset/en_GB/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df9ee7e636a2b24cfecf3c9412ba36fb5260bd50d8ca75c0a7256cf0495f70c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 15:50:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78865
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7573
x-xss-protection: 0
last-modified: Thu, 13 Jan 2022 01:19:38 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 13 Jan 2023 15:50:21 GMT

GET
DATA 200
OK truncated
/ Frame A648 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLQ0o4Efp-QNeHae27XM329clOO_9wCLpcYcNNRo=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A648 4 KB
4 KB 128ms
33ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLQ0o4Efp-QNeHae27XM329clOO_9wCLpcYcNNRo=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

8d814d5a5e1eb7d60c1147f676fb09de9ad09f4cc12ca141eacf797bd78a0460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 11:44:37 GMT
x-content-type-options: nosniff
age: 7209
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3758
x-xss-protection: 0
server: fife
etag: "v6"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Thu, 13 Jan 2022 18:12:27 GMT

GET
H3 200 sddefault.webp
i.ytimg.com/vi_webp/vBKRNrKn2Ss/ Frame A648 28 KB
28 KB 88ms
44ms Image
image/webp 2a00:1450:4001:812::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/vBKRNrKn2Ss/sddefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

550293d53f877418677d1a2809ec860525d8030566be73663cadb592b924b721

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28738
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=300
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 14 Jan 2022 13:49:46 GMT

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 08E2 107 KB
28 KB 41ms
40ms Script
application/javascript 2600:9000:223e:200:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50398432a2d90d30daa833b7d1ed29b8c56fcc046e83b8b03eed15d29fca6546

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: j9M12Xkjn0RRMQduYfejs3OLZnrqMUK9
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 22:39:34 GMT
server: AmazonS3
age: 2852
etag: W/"d570249b7291765cd4baadf0c83d208c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 14 Jan 2022 12:57:15 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: BATSiUnz1YkiLyn2HFAujHPw-vQNQq3y_8imBiZ4z9GvvI-02qpklQ==

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 08E2 78 KB
26 KB 63ms
63ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

3bc7d7663e920ea1a1ec97e7301c1644225cdfb02f2a3338c9b97aabee9da631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26923
x-xss-protection: 0
server: sffe
etag: "1101 / 338 of 1000 / last-modified: 1642162303"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 08E2 121 KB
37 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/126919/5096033271/1642092457341/BPMAE0000012257-001_House_Ads_No_Charge_Rev1_970x30/ Frame 558F 83 KB
24 KB 83ms
41ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/126919/5096033271/1642092457341/BPMAE0000012257-001_House_Ads_No_Charge_Rev1_970x30/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c920d05e043a2eeeba0e6851e09641ec510b317a9a985e42086af042c225a9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 24098
date: Thu, 13 Jan 2022 23:21:06 GMT
expires: Fri, 14 Jan 2022 23:21:06 GMT
last-modified: Thu, 13 Jan 2022 16:47:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 51820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7FBC 0
23 B 76ms
76ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvLJ9fRtiYWDZrwFFqcOQi8Cj6Sr1nU67IiU_9ZemHyzP5u0tpVZPzlyCE7a7F4H9UnHnG8tnR4-DCQjxIbaO4LAMDYRGumZgQk2mmA_aVXJsyuxKT3XLO5WQEPKVz4rwBkjfsba48cQcYvQTN2264nRJOxyvdFWjhpM5_Qcc3k6OSIfEcprtrBzfzEApEgRIlH2GO_ATdoSnNgoAqc2WuxbZAXxOndKFrkxPp0HFO196Cdw4pEoVyc3Lnk-FFOSKAoqIlNSIdDLOuLYyq4RcJrAS-VRRSnPafqgsioSDcHYJWypQ&sai=AMfl-YQWSPH_zR-FTMpbEtSIkykBZWSjtmXEr4fYYbeurN0TCDTEOXLr-2jhQvBPGPWE1qnZfiJBPzTBFsWVYyDrqnoRXM8aAY0HTD9IL1pLyP4dCvVKV_RuyAtX-BmRk14i&sig=Cg0ArKJSzNrBpBz6qSrSEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/126919/15081979/1635527235540/BPMAE0000011756-001_House_Ads_No_Charge_REV1_970x90/ Frame CF17 78 KB
26 KB 132ms
94ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/126919/15081979/1635527235540/BPMAE0000011756-001_House_Ads_No_Charge_REV1_970x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf158126fa85404eafbbedb5b96f35d4333d2b8d289bd28e6f221062fc204bbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 26421
date: Fri, 14 Jan 2022 13:44:46 GMT
expires: Sat, 15 Jan 2022 13:44:46 GMT
cache-control: public, max-age=86400
last-modified: Fri, 29 Oct 2021 17:07:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B8A1 0
23 B 71ms
70ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCsisTmXY3NevSGw19LRJ5-281rBnI4ncy4EqhFONZqyf-FvuM3_khegF9NpP2IkV9IkfIeYLWfpQxVjRVvcW8vqKooG0o7pcg-1W_Ehd4TldTnqbD8aIjhDfK3WqCChZqC9HvHanIlINYJqEv0G8uad5pvxzXvnugUiyAPdgtC7rl_a4RI_PI7E_pFbLd3CJonfK7OSVgXZf3CDTWcunkZG4QeSmu54v3mYOxXupilWjM62KBR0zK8BcmUNjpOFiTdPBYd2Z6OrYUZuBwr5X7EWIJ3v0Fm4HQ-_Cdw_BuxJ8clg&sai=AMfl-YTLkRXdhhNjOPllGYGQKZjU9uHIWOZgUfyanIQSZjSpTPdiAQiFsg9Cd3yREwkyGNA4Fw74A3zb4g9PPDRfABil21N_znrfH9hLaYrD8q5O8DhQkSz4rEXOQkxpi18&sig=Cg0ArKJSzEiCRp-VPZA8EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/126919/5096033271/1642092457670/BPMAE0000012257-001_House_Ads_No_Charge_Rev1_970x250/ Frame E040 123 KB
56 KB 70ms
35ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/126919/5096033271/1642092457670/BPMAE0000012257-001_House_Ads_No_Charge_Rev1_970x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6748d6778f5b4ee46332333f35f2e71dad6b2aa978fa047288ec2b1152ad5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 56836
date: Thu, 13 Jan 2022 23:21:06 GMT
expires: Fri, 14 Jan 2022 23:21:06 GMT
last-modified: Thu, 13 Jan 2022 16:47:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 51820
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0EE8 0
23 B 74ms
73ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss4rLfd6jatpgw3tvz-oHiiYjcCcW4ikpewZX4397NgiZu-7b2pDP8rYPzz3RtPQGEOPB9BvwdGnz5J4PNE6oc7GftOxwK0k1OiIl0GqO4zbAhbBP8hFjUy_r8HAEk0Zw2MHQV_pnpEgX27zMas87iI1Zpil5ZHW6qtw9-OpAX4lZKwoT24VdazL1IFU68zGxwbjGGPpCQOI4IBWjuxuPjdb7MYe_tvHpfDXOFr_2-erE7zHgxKTVs8z_ky7JppwabUlC8DQ0-siZDgJsjKCA81UPmHcNaZEIfzrHOfVgXlMcIMiQ&sai=AMfl-YSP6p8G2801TH7TohrFARAbK41HDE3ekEiKr3EerQhwtIW8DXD6MRO6SwxWFPBHwwEOwUg-zEAGj9DnYGB03iIX7mlHtmVWaqyS_ApbV464oDN86RXbvY5gaw8PWate&sig=Cg0ArKJSzF528RPEV5IsEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame 08E2 9 B
555 B 115ms
114ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=540799
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2B%2BQ95ehQ43pyq8dPy4e154fNdf2uueVVtnIDBLqo39DIGLwa16romPvOTxN7oUl%2FX6dtEcwVRERLpBrh5uyoiUFV2pUfJgXtZF7mB9%2FRDEvT7jrrHofSETc4czepMnlvq9gqrmKQw6tkczgMK%2Fjwg3G0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6cd74d081c0371c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 08E2 0
0 71ms
71ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYLT-vZr0z7qGeskJ356Lbfp2oiSwDlBdQgtWHFYfI2Ds9tbfpAGBtTHkii0E0L8_SsK5mG_zU9B3uIbIXYKasXJbncUK5kqIR_ksXHZBz_fO2q90VyAbTGeJm-a562AiqhK5Sx2xEjxV5Lup4LJHJSJBNd7hZ7ksCSuDN-wO5JXXeohmWFV8AyxEFKehqv9rbKaRnjcDRaq4JwM1X5nvrxE9KTiQIxU940tVQzeVLa6Gd8kKMb2LFXKQ8XVkEcGAQEH03u-9FsBMirkaMbL07ihqFCHiEf1ILocf4r56qJBI&sai=AMfl-YS9RWg8FPaljYnSsF7_j3JZwvF-NPmnPwofIwtBK5JtMcfvIgaJplO3tVPWn4CVqUb_70DtgP1RJdgOuii049QUM-E9IrHm7Li_oJM58taopc7xwr77Ya7jH9Zoomfs&sig=Cg0ArKJSzHMz5A-AGZM1EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A648 4 KB
3 KB 119ms
43ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/18da33ed/player_ias.vflset/en_GB/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
DATA 200
OK truncated
/ Frame 08E2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dccb24c90de65a4ea4dd4924aadf190762bf486d4a3cfa433df69392ec554ef

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK dfe890dd-a390-4917-bbdc-9198a7ff86cd
https://www.vicnews.com/ Frame 08E2 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.vicnews.com/dfe890dd-a390-4917-bbdc-9198a7ff86cd
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf39525e3f021f8ee678d293c118f8cd7bd2459d505ed31782655f907533fc1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3 204 generate_204
www.youtube.com/ Frame A648 0
9 B 34ms
33ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?b3NYWA
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 pubads_impl_2022010407.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 08E2 352 KB
118 KB 35ms
35ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

d4d964d6d34df7fde3554039d33b468b74afee14d6526a87b926688f0fc8d93c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2495
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120967
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 16:13:20 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 14 Jan 2023 13:03:11 GMT

GET
H3 200 container.html Show response
a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 046B 6 KB
3 KB 34ms
34ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 14 Jan 2022 13:44:44 GMT
expires: Sat, 14 Jan 2023 13:44:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E3D7 6 KB
3 KB 34ms
34ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 14 Jan 2022 13:44:44 GMT
expires: Sat, 14 Jan 2023 13:44:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/97/ Frame A648 53 KB
15 KB 75ms
34ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/97/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 11:39:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7507
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15488
x-xss-protection: 0
last-modified: Mon, 01 Nov 2021 15:04:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Sat, 15 Jan 2022 11:39:39 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BCD2 228 B
751 B 121ms
44ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular&text=SPECIAL%20ROTheimsNowMUY%3A

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9026ae0dbf1a46ea51395e667d0beb6ac57fa3d8d7df335d5c253b4a92067e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 13:44:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 13:44:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BCD2 219 B
286 B 122ms
45ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:900&text=Live%E2%80%8BGREN%C2%A0

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

266da7cbd703389ef96dd0e08434656b163a577d96470bb197e32ef2decf1095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 13:44:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 13:44:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E009 228 B
299 B 113ms
45ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular&text=SPECIAL%20ROTheimsNowMUY%3A

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9026ae0dbf1a46ea51395e667d0beb6ac57fa3d8d7df335d5c253b4a92067e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 13:44:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 13:44:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E009 219 B
286 B 112ms
45ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:900&text=Live%E2%80%8BGREN%C2%A0

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

266da7cbd703389ef96dd0e08434656b163a577d96470bb197e32ef2decf1095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 13:44:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 13:44:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 046B 107 KB
28 KB 34ms
33ms Script
application/javascript 2600:9000:223e:200:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50398432a2d90d30daa833b7d1ed29b8c56fcc046e83b8b03eed15d29fca6546

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: j9M12Xkjn0RRMQduYfejs3OLZnrqMUK9
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 22:39:34 GMT
server: AmazonS3
age: 2852
etag: W/"d570249b7291765cd4baadf0c83d208c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 14 Jan 2022 12:57:15 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: NXVhyVcMkb0al0nOo9PZp50NBavjHYE561D32nHCUVL4lOlC0_arhg==

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 046B 19 KB
8 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:44:38 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 046B 22 KB
7 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 17:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 10 Jan 2023 17:59:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 046B 121 KB
37 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.ie/adsid/ Frame 08E2 107 B
792 B 137ms
44ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ie/adsid/integrator.js?domain=www.vicnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 08E2 107 B
122 B 87ms
44ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.vicnews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 08E2 421 B
264 B 440ms
440ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3567073384105193&correlator=1126279334079158&output=ldjh&impl=fif&eid=31063378%2C44757101%2C31063708%2C31063246&vrg=2022010407&ptt=17&sc=1&sfv=1-0-38&ecs=20220114&iu_parts=21849154601%3A1036919%2CAd.Plus-970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=site%3Dblackpress.ca&cookie=ID%3D446b8d2214f56f67-22d9960920cd0085%3AT%3D1642167884%3AS%3DALNI_MZzW445lIQdZjeUryw6HTFyoLjg5Q&cdm=www.vicnews.com&bc=31&abxe=1&lmt=1642167886&dt=1642167886373&dlt=1642167886026&idt=325&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=90&oid=2&adxs=315&adys=7741&adks=926511643&ucis=autb1qrb4mp4&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&nhd=1&url=https%3A%2F%2Fwww.vicnews.com%2F&top=https%3A%2F%2Fwww.vicnews.com%2F&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=970x0&ga_vid=1888553978.1642167884&ga_sid=1642167886&ga_hid=326154781&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

3aa408e9a3cd7b67f583e0c5037737de9edf074034eef6ffbf4d46f027f865e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 228
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.vicnews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8079f97ae1267478f6b9229d87fa84ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A135 6 KB
3 KB 70ms
43ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8079f97ae1267478f6b9229d87fa84ef.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 14 Jan 2022 13:44:46 GMT
expires: Sat, 14 Jan 2023 13:44:46 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame E3D7 107 KB
28 KB 33ms
33ms Script
application/javascript 2600:9000:223e:200:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50398432a2d90d30daa833b7d1ed29b8c56fcc046e83b8b03eed15d29fca6546

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: j9M12Xkjn0RRMQduYfejs3OLZnrqMUK9
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 22:39:34 GMT
server: AmazonS3
age: 2852
etag: W/"d570249b7291765cd4baadf0c83d208c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 14 Jan 2022 12:57:15 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: u-J_Lb3NvqDLQ4d-x-vs4ciJ6fOkJ-fs6-F5F2x-x4m6n8qJtc53RA==

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame E3D7 19 KB
8 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:44:38 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame E3D7 22 KB
7 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 17:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 10 Jan 2023 17:59:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E3D7 121 KB
37 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
DATA 200
OK truncated
/ Frame 6F6F 5 KB
5 KB Font
font/woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d22ce3f9258e1acac0f6e226c14ef945d60d66978e9c8fe5a0585224688cca6c

Request headers

Referer
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: font/woff;charset=utf-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B8A1 0
0 73ms
73ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1qeqmDh-Q7RRifhC-q-eagCD-Y_RattnJ4EKnl3cnXw5TCxfQCBt4MgZAmAgXvUvOeyX6TLr1YtvF7-SrkRWKbw12YzDTO7M--nPWZHyeAhyLTZHKHBRif2fWrf1V7STEdpUR9u06csp2fETaiIAUZOMdvwteHSZtLzWEGTKFtzgsc8Z0L2gFZlQse9m4aH1M_qa25f-XFt01Wmxtsa-LdYNK_bR59jd3i-2YQTDyZ1PvrJ8Iw2-m6sKNhYbI-J3guS4-T4D3P-lIDPhtCgFb7qE4gwwN2ZjD2dYE2Hz6eWRQRmis&sai=AMfl-YTazyVhNKK-uTkX4E21vCKhQpIFxvRx5j-aeqyFmL-jta-UbOvo_7evwb_qTvo_XplKFFETgnsGTFgIkidY5i-MsFmlwGjL0RiE08MTCD3BYuTzQNVFHDECOP5AnhU&sig=Cg0ArKJSzMHouCpizpTbEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
DATA 200
OK truncated
/ Frame 6F6F 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27006ae8716b071cc8dc854de1dd40f7af3ba0d2bb6a6d3ed0c60148e01fea92

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame 046B 9 B
558 B 119ms
119ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=262079
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pfw%2FV7bEVh5uC9dollO8TZzF%2BWVQKSwFYWB65fn7g%2Fl%2FLEf9Qzt2%2BLdmbuNhn%2FyEc6men4p9R1W7SjqE%2B3MYVeFIW2H2XShO0cv1cmVqCrOuVxc9hMe1ix1y15X7gQev4mg9Uukzgk1uPDts74mwNYzbQw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6cd74d0a2f5571c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 200 container.html Show response
a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 196E 6 KB
3 KB 35ms
35ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 14 Jan 2022 13:44:44 GMT
expires: Sat, 14 Jan 2023 13:44:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
BLOB 200
OK c8a815ca-5e77-4321-962a-b1af59717dfb
https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/ Frame 046B 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/c8a815ca-5e77-4321-962a-b1af59717dfb
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf39525e3f021f8ee678d293c118f8cd7bd2459d505ed31782655f907533fc1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3 200 container.html Show response
a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C075 6 KB
3 KB 37ms
34ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Fri, 14 Jan 2022 13:44:44 GMT
expires: Sat, 14 Jan 2023 13:44:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 046B 109 KB
38 KB 79ms
36ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
Origin: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 07:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jan 2022 07:34:55 GMT

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame E3D7 9 B
562 B 126ms
126ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=1045722
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eJNzYuvPX4arU8Kfpm%2FHbKHUf1a2Zf2%2B7%2B8erCWGcLiFj0cRmylUtzko04%2FgAmxe6iDiXGxaubP0SU%2F%2BOjNXTVfyy4uK5vTbft9cScAWg6Pw%2FhPMAv5otncZbfY%2FUsME%2Fn8tvdc3AzcO%2FARp0H9Bg3%2FtnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6cd74d0a8ff971c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 200 font
fonts.gstatic.com/l/ Frame BCD2 3 KB
3 KB 78ms
36ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=KFOmCnqEu92Fr1Me4H5YIw18aYS72cUANCvmUg1KOlGwM4tjXT4&skey=a0a0114a1dcab3ac&v=v29

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular&text=SPECIAL%20ROTheimsNowMUY%3A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c54aa34515c9af69ef05e5f951ba2cf9d7419be43343fc907a22f02a4faaf886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 19:36:50 GMT
x-content-type-options: nosniff
age: 65276
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3288
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:48:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Jan 2022 19:36:50 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame E009 3 KB
3 KB 75ms
36ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=KFOmCnqEu92Fr1Me4H5YIw18aYS72cUANCvmUg1KOlGwM4tjXT4&skey=a0a0114a1dcab3ac&v=v29

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular&text=SPECIAL%20ROTheimsNowMUY%3A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c54aa34515c9af69ef05e5f951ba2cf9d7419be43343fc907a22f02a4faaf886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 19:36:50 GMT
x-content-type-options: nosniff
age: 65276
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3288
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:48:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Jan 2022 19:36:50 GMT

GET
BLOB 200
OK 6ce1854c-ed38-4401-b980-fc1d557e5199
https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/ Frame E3D7 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/6ce1854c-ed38-4401-b980-fc1d557e5199
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf39525e3f021f8ee678d293c118f8cd7bd2459d505ed31782655f907533fc1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame E3D7 109 KB
38 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
Origin: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 07:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jan 2022 07:34:55 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FE53 32 KB
10 KB 37ms
37ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: a33e5eabe8194daabd884f585bc604e066f0aa864becfb870ff501c4aeac7ff6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:44:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=23853
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9704
Expires: Fri, 14 Jan 2022 20:22:19 GMT

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 196E 107 KB
28 KB 33ms
33ms Script
application/javascript 2600:9000:223e:200:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50398432a2d90d30daa833b7d1ed29b8c56fcc046e83b8b03eed15d29fca6546

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: j9M12Xkjn0RRMQduYfejs3OLZnrqMUK9
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 22:39:34 GMT
server: AmazonS3
age: 2852
etag: W/"d570249b7291765cd4baadf0c83d208c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 14 Jan 2022 12:57:15 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: 8FdURDFObnmkUSALJ8epRRBdx19mNfh64gppexcgwjYG-ZxNWUe4IQ==

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame 196E 19 KB
8 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:44:38 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 196E 22 KB
7 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 17:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 10 Jan 2023 17:59:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 196E 121 KB
37 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H2 200 91532438-f31b-4086-8018-7cd68ddba2a3.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame C075 107 KB
28 KB 38ms
35ms Script
application/javascript 2600:9000:223e:200:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/91532438-f31b-4086-8018-7cd68ddba2a3.js
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:200:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50398432a2d90d30daa833b7d1ed29b8c56fcc046e83b8b03eed15d29fca6546

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: j9M12Xkjn0RRMQduYfejs3OLZnrqMUK9
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 22:39:34 GMT
server: AmazonS3
age: 2852
etag: W/"d570249b7291765cd4baadf0c83d208c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 2c29bb35ddacc1dc2616fe65bdf5122e.cloudfront.net (CloudFront)
cache-control: max-age=7200, public
date: Fri, 14 Jan 2022 12:57:15 GMT
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: K6ebfa6LDIt_d5A3ffzqCvX3OsoODM4bwoMiatiJ29wkeqD1TxXwEw==

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220112/r20110914/ Frame C075 19 KB
8 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220112/r20110914/abg_lite_fy2019.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0
server: cafe
etag: 7605774008668088057
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Jan 2022 13:44:38 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame C075 22 KB
7 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 17:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 10 Jan 2023 17:59:46 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C075 121 KB
37 KB 59ms
57ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37895
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1641990413359145"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 08E2 0
0 75ms
74ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssN5_J6XDrFM6RnEOfC-Bsswof0VbAYg8eNIpjrCcIZ9GkjXM-B9vMU0BFT0vj4qGeMssesWDgPLImJxwhcFNiZY5WNrYiF0qKs5wWUgP5fhigk1fa2XwowHJMm9Sjab8y5sZ3DbbuAPDNIWD5j4MKR6dc_00eQWuvZf5r3gR3EkHNc_UC_BTu5q6f7sycSgH5ZpU7u91NMl8hLhLsUncxQgukPLgMiqN9eQn3uJ6rxrHsMO1_x1pvE3GMJtm-pr-8uf5GA5EEkO2euvs5-4x6H7ttOMMJYuXo1jsOheqRHSRnrow&sai=AMfl-YQp4rhwdFjJvLiKaUODrFaL8AheJn42_bpqeFIviUU8SP6M7D3lchKy5PQZ4vYfPy8XvcF032TLGNlesZUCzz-pjGkWGDrcFUxCeYbOd9Ib4uiYuRI6JBPb7ac3ZGtq&sig=Cg0ArKJSzGIhnUbcxz2HEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 08E2 11 KB
9 KB 137ms
53ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022010407&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e94d1db49523f9ed4d14a9136251906182cdca2c20c2759e4436b6d0b4cc0bea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8748
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/126919/4822965595/1641582599147/BPMAE0000012738-001_BROWNS_THE_FLORIST_970x90/ Frame E321 125 KB
60 KB 85ms
84ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/126919/4822965595/1641582599147/BPMAE0000012738-001_BROWNS_THE_FLORIST_970x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d7925c2f2ef5a3e5bd205622ba17ab9657c5f1c7c3d9100ed41c2f76bd564ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 61461
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Jan 2022 13:44:46 GMT
expires: Sat, 15 Jan 2022 13:44:46 GMT
cache-control: public, max-age=86400
last-modified: Fri, 07 Jan 2022 19:09:59 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 046B 0
23 B 73ms
72ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv6C4zzX1hWbrVE_5xN8WJ4dYf2K7XPP3Qxmf7C8eEm9t5E-71XYZAxywq0Np-mocdbzQxTMsX01fWuQzFd4Ce6gKluO11Bae41z55gUaZq90YF7z2iVZyTn8lw80YleTH_xwhMSoQNEIZUlvxBdhAZozL6fesc5COXE6YzLcCeTWgxZv6vuXsrSAF2LTwQcBCTmBfdE0XXA7c70LEmSfSz8EzzsrSE7_rG42fCXRtKMPcEN_RoYOT0O4NpQLVdiHw48Y7CdsoG8CHS6LdzX2aXCzcdwMbP4qIzalJUk0Qm9dHs4Q&sai=AMfl-YTjjr28FDqORc_7lwGdl58TMORsumnUkVXp9FOFJ_0gzhAhej01EsUBYYvuR7ldTNgmqUL8g_f5bbtB0FwliafG6Ht3veV7tHzlgsHtM6Nn9jDkUA13oJRupItWYVQ&sig=Cg0ArKJSzJhQopQ0X9AgEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0EE8 0
0 75ms
75ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEZB6Dao0g68zHd8EhEv1WL1PRJsbuYJ1MHgKljkrn9thZHh7WzNwkCifVKAY186cO6eZ6DI-44PCiEeHWzL6usuxLCR8jZezYTMoV5f09fXdqtkj0Mtls3j-42scwBwN_H3cH6PmKjfz2qdGsDlMiQSuDyZRR8-kI8Rg6UGkQJ7ZlvrY47Kym2R4o-Gv_Ac75wAeJmsCL1qPZ9kxZlZFjv4jpyO0K1YfcpA6EwEGOMi5LL014fZqhluluACc_QaSumlxy2B3I5Ec6_SOUAnb2fXF7Xvs3RvoB-pWCY47nzkWc0muL&sai=AMfl-YQp0cdzH3Py53eBoB49ZHixPbpgN9Vgc6GXCnxcq-NXM-BgPvkpPGzoRTfnC2x2UUkX8O85rEWW401dAOIYQfusxPyqOKEwxPlRPKFDIAjUyg5UxrrwA-z7jsOAqk1l&sig=Cg0ArKJSzAJu2elFEtM5EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7FBC 0
0 74ms
74ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvg6tda7kwLdb5ukfa6T5oDet1mUvoif9ESTt12vv9DogJ1RBibuAhwNW3IhmdpdtjGRf4p7jIlzNXDLX8IA1FZ7t3Mo51JqDxD5oZZnL87kUa7ZBjEDMSYDZPGzfOl8p2mDG3le6CRFQk6kNKdOP0CA7qHjHbCRfVT_3ePnB_oK-STrihPt9zZGogBsjU2MYUDFv-cdO0FF8EQbFgW9f6nJbQkSZ5mKjYkdN9m-emuNHUfHiHaAlaHb-QQNta1PlV-AfPC4yhvGMQnDtILIpCVCscwhZEzCmpR97J2DqomxQtaxMu2&sai=AMfl-YSDiDlEYLgQ_TUwOqxASs-A-DpPpvDOS0xZrKJfuLqrJNlZdysAdvPh_ynsP7-Dvt3qC1UlFk9i-hY22jJeMP_cBr1XyCv0FNHedOndvr-xdSzDTochOkfkpIjw755_&sig=Cg0ArKJSzKQy5e7gKR1sEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame BCD2 2 KB
2 KB 35ms
34ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=KFOlCnqEu92Fr1MmYUtvBgUwb4a-29orEg12obuf6A&skey=934406f772f9777d&v=v29

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900&text=Live%E2%80%8BGREN%C2%A0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

964dc3d3a34759026f668a0d0cb271fbdc91859952d7e9bb49681a5cdb2c7fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 19:36:50 GMT
x-content-type-options: nosniff
age: 65276
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1952
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:48:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Jan 2022 19:36:50 GMT

GET
DATA 200
OK truncated
/ Frame BCD2 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a60d5b9e06c7c8379ccd72c6a900d126058c9d0216deae6ea679c52d623cc3e2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame BCD2 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f347d036065367f67bf6af6139da34f50485b66b82476694dfa4e2eb14bafcd6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame BCD2 4 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c284552c6c3d23696e2428bc032c1e71989d03fda9659a880560709c7af6840

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame BCD2 24 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06ffe5fc30946eaeb1ac7b0fa0fc3314d51cc59c7ef5a9ba0d97ad8bf3686cf2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 font
fonts.gstatic.com/l/ Frame E009 2 KB
2 KB 36ms
35ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=KFOlCnqEu92Fr1MmYUtvBgUwb4a-29orEg12obuf6A&skey=934406f772f9777d&v=v29

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:900&text=Live%E2%80%8BGREN%C2%A0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

964dc3d3a34759026f668a0d0cb271fbdc91859952d7e9bb49681a5cdb2c7fa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 19:36:50 GMT
x-content-type-options: nosniff
age: 65276
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1952
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:48:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Jan 2022 19:36:50 GMT

GET
DATA 200
OK truncated
/ Frame E009 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e40b45ccb6e8b7ceb7b130855d24da5921ac87de0116ced515eb367be84f3818

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E009 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d50bc279b5d4ad86ac3d4c3e0edb457e2af29150f810f3bc1409eea13f628b1e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame E009 1 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f22e381b9b2272051de45f52f70eb6c15f45a7e8d4a9f31cde0e3471ee7577b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame E009 1009 B
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2626127faa664ba18fba1dbf1701e7a3d2b8853ba8200dc877cb1b0fb0f08fc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/126919/5096033271/1642092399768/BPMAE0000012257-001_House_Ads_No_Charge_Rev1_300x250/ Frame CEBE 102 KB
39 KB 35ms
35ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/126919/5096033271/1642092399768/BPMAE0000012257-001_House_Ads_No_Charge_Rev1_300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5ca40842f5b85e46ae0d15b67a4aae24b008d652a108acc8da69689781ab286f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/

Response headers

cross-origin-resource-policy: cross-origin
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 39598
date: Thu, 13 Jan 2022 21:34:42 GMT
expires: Fri, 14 Jan 2022 21:34:42 GMT
last-modified: Thu, 13 Jan 2022 16:46:39 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 58204
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E3D7 0
23 B 76ms
76ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstN1IkvSxY3cZXLzTXEk4MmiOKO66n4kCM_hOlWyVqCVs2mfa8AzeTeMuSGTTshujKVgLBqVcUfBorEuwiLso2c1aWC56Vfpek0Q9ZW4MYR7RTTdriid1YAMgvrM5JMVaEyJK2m_1SYprU4TexpZR6OWGl-P6eBmwNI7J-aJrkWfUpyJlj-al2LUA67iLdcQLhBpskwO8jxEHYj06WMwTVUxCiF61xOg5hKNyrMLNpSOwaebYSJfaF2mgkR92_Xgb2xX5uHHH6Cf2kGfivkmfPoL8i7cCqBP8J-uLPc3ECHuo7yklY&sai=AMfl-YStjjb5pWpslvw-fJaFnJJxuuy5mjLlWjwMIQ3bjtL6DjKS_qWY4voczTyvAj2GEhoqjdA8gafw0ebiOd0etV2NeMxy-Xc1zDbyO70tSB1VZjYrd0AjxBtkIUH2r4I&sig=Cg0ArKJSzMjP8WoTQBl5EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FE53 284 B
536 B 150ms
37ms Image
image/jpg 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Content-Type: image/jpg

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame 196E 9 B
552 B 119ms
118ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=650624
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xi310jmbrswD%2BUKPpDrP9%2F4N9eLexy92v4PgBPVVWBiQ5ozohs06yjb2pUG3T7Re9CEycKw%2FTxagQkZmIXPOZnS6MSh92usUpTG3pvpC69nHs6d6oixTH1u4cZyf9mDNoYV90cAch5MzyICIhxMz5tRhaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6cd74d0bb9d571c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
H3 404 91532438-f31b-4086-8018-7cd68ddba2a3
analyticssystems.net/api/v2/ad/impression/ Frame C075 9 B
553 B 114ms
114ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=162691
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B15KnSXZJd9uUOOTTi1JBnBcYM%2Bqd2c%2FzasFA9wHlgWc2ilUz6nNlLHnNFFpuMRxh2icxFhNn793dEbQ7WcEqMFdijtxxlB8CzamvXxjvcHs%2BDJWtJYR42rekAYl3gqcyerJNfr3dbvdWnYw54tlRhdInw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cf-ray: 6cd74d0bda1471c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9

GET
BLOB 200
OK aa2b01e1-a26d-46f5-99ba-bd668c1cdb8f
https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/ Frame 196E 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/aa2b01e1-a26d-46f5-99ba-bd668c1cdb8f
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf39525e3f021f8ee678d293c118f8cd7bd2459d505ed31782655f907533fc1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
BLOB 200
OK 729a2cb2-31de-4ded-9701-cc16fc7eab0c
https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/ Frame C075 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/729a2cb2-31de-4ded-9701-cc16fc7eab0c
Requested by: Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bf39525e3f021f8ee678d293c118f8cd7bd2459d505ed31782655f907533fc1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H3 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 196E 109 KB
38 KB 33ms
33ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
Origin: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 07:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jan 2022 07:34:55 GMT

GET
H3 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame C075 109 KB
38 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
Origin: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 07:34:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 15 Jan 2022 07:34:55 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 08E2 17 KB
6 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022010407.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/126919/4855319197/1641250507898/BPMAE0000012727-001_VICTORIA_ROYALS_970x90/ Frame 0B94 205 KB
127 KB 55ms
54ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/126919/4855319197/1641250507898/BPMAE0000012727-001_VICTORIA_ROYALS_970x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a08289919a42ed95aa44e9d43ca6bf69986fa8c3a724318ede734f3820380d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 129702
date: Fri, 14 Jan 2022 13:44:46 GMT
expires: Sat, 15 Jan 2022 13:44:46 GMT
cache-control: public, max-age=86400
last-modified: Mon, 03 Jan 2022 22:55:07 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 196E 0
23 B 76ms
75ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvZrJ2ckauCmv0kHdbbCYPBaOM1fgmCP2H1MpgsOskZm4AoyrVNqYR9gvdadP5lVpyp62q33UoQEwWntn0f-Yq8WpwkANzlnmOG0aWyGhvjxSyNwmW5MJHfy-TgbaodHjzVonrAI3zeFhIKe-EdmHmV1tlY5bz2ORpmX-1VNpu3WzKdM0eRbXq4t9ikXzHTfyKwf8wBy1JrrmoAGSQ2GeI_nAMUAssH4Y3Zowhtqkb5HEZ7e38RhKg4Sn2tEMteuTf5d8DXmCCtpc5N6SpA6B4IOmfPiEz1RRduR7kLXOI8zvYE_nM&sai=AMfl-YSdhkIeNk5Ze1EUmxP12TQyLn6yIkoOVn8yXoepEEfN-NVracnAb0RLQu6TB40KeZurkg-vqdXXVDS1rFtKuXKS8n4PTqikr-9AKskUx--L4Exy_JKFOoqHi5eEhkM&sig=Cg0ArKJSzJVzLfKbYxO9EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 css
fonts.googleapis.com/ Frame EFBF 246 B
264 B 87ms
44ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Condensed:regular&text=W%2EBRONSTHEFLICM%20%7C%C2%A0

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e16db5b775cde462f92303a2968fe233972b12b0a7d1e5d2cf40852dd817fb11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 13:44:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 13:44:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EFBF 247 B
265 B 87ms
46ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Condensed:700&text=W%2EBRONSTHEFLICM%20%7C

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

59281db353559038a75c458b703bafbbfb9cbfdfcbfeefa46ac04056db52d08d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 13:44:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 13:44:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EFBF 250 B
266 B 83ms
43ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%20Condensed:300&text=%7C%C2%A0%E2%80%8BDOWNT%20%2DSIEYHR

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a36f4c3e6634f56e8705e8210d938058df25ae5ce1c003cfacbe76b88f4f4597

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 13:44:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 13:44:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EFBF 238 B
258 B 85ms
44ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lora:regular&text=%22Stay%20ConecdFrmDiswhfl

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b8e2e17690c708e13800acc2079de828cb2304ec5743af737724761fc310d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 13:44:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 13:44:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 634E 228 B
249 B 83ms
43ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:regular&text=SPECIAL%20ROTheimsNowMUY%3A

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9026ae0dbf1a46ea51395e667d0beb6ac57fa3d8d7df335d5c253b4a92067e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 13:44:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 13:44:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 634E 219 B
236 B 84ms
44ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:900&text=Live%E2%80%8BGREN%C2%A0

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

266da7cbd703389ef96dd0e08434656b163a577d96470bb197e32ef2decf1095

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 13:44:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 13:44:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/dfp/126919/4676912773/1640723883206/BPMAE0000011990-001_ENTOURAGE_HAIR_REV3_970x90/ Frame DF0A 201 KB
110 KB 41ms
41ms Document
text/html 2a00:1450:4001:80e::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/126919/4676912773/1640723883206/BPMAE0000011990-001_ENTOURAGE_HAIR_REV3_970x90/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb25c18c4eee3e1128ef92983e82bd59087ab7018b45481b1db7a84362e8492e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 112354
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 14 Jan 2022 00:11:11 GMT
expires: Sat, 15 Jan 2022 00:11:11 GMT
last-modified: Tue, 28 Dec 2021 20:38:03 GMT
content-type: text/html
age: 48815
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C075 0
23 B 72ms
72ms Image
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUP0TFqj77O_k0VpAQRPGt-atEQwLORZnUNdq2LfTlTPxP3olvEjiB0vceaoZg98goBrlVbWeXPyyzMDtKrieTGyJECLeNjvSL2toOIs7gzEZzpPlxiZt0u7zpZ6YGpQkYSfRiCdbOVyON6hBHugc-UbV-vOhkKmEtfL2uouzsEUrjmXYhy-HRlTwYixS_3IK-oHV3VU4h6N0IdFOZolTXI0ozibZru724wWfquZAz9B0Qd2gy_t47VqoBKe-d_edJlbIt70VxUfdSLjo0rvRQtjXEWBzSSLMl2jj7MH5P7YGMsQ&sai=AMfl-YQfVhr-ud4itEojcqXa0pBsXNHBnzbmGhWYtkjMeHVe4tK0eiJoJFUJEAbrOOrsRoevFeJBzSZwvXCx98Q1BVQQZ8ID_0dI92h2_xcCdPA9-OSnNzFR7mxd1ACxnI4&sig=Cg0ArKJSzP9WM9WT_aNQEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
URL: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 204
No Content sync.php
pixel-us-west.rubiconproject.com/exchange/ Frame FE53 0
239 B 642ms
156ms Image
image/gif 8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=123456
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=123456&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: b2a5c63b17f16a8024ffc6259157eaa8
Content-Type: image/gif

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD74 13 KB
5 KB 33ms
33ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Fri, 14 Jan 2022 13:39:53 GMT
expires: Sat, 14 Jan 2023 13:39:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 293
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8267 783 B
535 B 44ms
44ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

65ccb685abe71590d34cc032be765c650d6c0251634cc18c6a764e658edc474b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pUWs6G1RPQwPbbiqlg+04Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 14 Jan 2022 13:44:46 GMT
date: Fri, 14 Jan 2022 13:44:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-pUWs6G1RPQwPbbiqlg+04Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 font
fonts.gstatic.com/l/ Frame 634E 3 KB
3 KB 33ms
32ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=KFOmCnqEu92Fr1Me4H5YIw18aYS72cUANCvmUg1KOlGwM4tjXT4&skey=a0a0114a1dcab3ac&v=v29

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:regular&text=SPECIAL%20ROTheimsNowMUY%3A

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c54aa34515c9af69ef05e5f951ba2cf9d7419be43343fc907a22f02a4faaf886

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 19:36:50 GMT
x-content-type-options: nosniff
age: 65276
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3288
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:48:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Jan 2022 19:36:50 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame EFBF 2 KB
2 KB 33ms
32ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=ieVl2ZhZI2eCN5jzbjEETS9weq8-59CpGwMWKLAZPW0zrZ0HiisafYv3BRs&skey=9986ecffddb755ab&v=v19

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed:regular&text=W%2EBRONSTHEFLICM%20%7C%C2%A0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f78ecef027c251b809b1cabbb7e202dbafba193eb58ca9bed83289b427cce8ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 13:48:17 GMT
x-content-type-options: nosniff
age: 86189
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2512
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:45:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 13 Jan 2022 13:48:17 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame EFBF 3 KB
3 KB 33ms
33ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=0QI6MX1D_JOuGQbT0gvTJPa787weuyJDgL52u5zck8_QLGtxyh09EdR10Ko6KPNI&skey=1d294b6d956fb8e&v=v20

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lora:regular&text=%22Stay%20ConecdFrmDiswhfl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0e170c9937c98d33429f5c6775a729a040109b112f8e4b3f2647e8fb0530789d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 13:48:17 GMT
x-content-type-options: nosniff
age: 86189
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3212
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 21:49:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 13 Jan 2022 13:48:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8267 0
0 130ms
88ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022010407&jk=3567073384105193&rc=
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H3 200 u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js Show response
pagead2.googlesyndication.com/bg/ Frame BD74 35 KB
13 KB 56ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 21:05:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 578369
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13653
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 21:05:17 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E3D7 0
0 84ms
83ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4_sbkCEk_f9HGexAOYGVi-uwWJTTBqQY_yTGnLB-QK8KgxHJqSsMl1B2eW7pmIg74bEZCbULuhnHiUQSc_tGv2kXe37VRsmJgucKxHtZNHPpqR-redQb_tkOKwFOFOXqFVv0zFqAjQwh_XcW7FVmEkge0kyWwIDBjjyv0aA-2FDADZ-7pJXavrpYWSuXGq4eOWGR8FfLQgvXrL_TRWwbf2IsCMIQDhwh95xSr9L4keKGZBXJG-_IPlkceKqynXHsKBwnKm0nNXouCARkhBK3K1BbVpR66yw8xHbG7UIBnrGJJA8IVjQ&sai=AMfl-YSuWsoYX8JlEQweXkGHtnjacyR2i9-yzcKX85fEHFJAs-0rg0wXjfH19i6PU8PyYm0R45N_sN2XzYC8jv3GStdv-dTHp747H3rIyx_mhpUcuQRvjcU8KsxrdL04_10&sig=Cg0ArKJSzH2YFn8ws0EUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 046B 0
0 80ms
79ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8rBosgIiC2do7lv3J2NCFX1pMwNNNiiumpvLczwWhNuDK56CifkwPoZJs25c6RVdRjCr0CaK0g2S7YYIybIP_xnKZkgUvcqJzR_qbFQmUbjmTK4Jz-XkSBTtcofY5NlNXfIkYoE79or_DgoGeWmsR5eCudkNMd64pu4dP_jGkKaBRD2HoaXLFkgZPN8YqqOx5fY5RY4_fz5Vb6jRSAcCPY5PWddnkcd0WHciFM0YBb_9TFvxEL2bzJdFC0xcAHz2kDw9J2QbpGs2O3TfL9jQleJAJshaY1GX2p50c_QPH1N-EJ7gB&sai=AMfl-YSksGIaZ50dTFQWbh3_j4WrWsviqJlRO6yqjwYifGJKOloi1o-z3nTGjpnnC9dzgM2pb-O2WhS7EQKdHpaePEJP9UWPNXvChDWeMFfqXS2_NnFwoCFNvxhkAi1ywHw&sig=Cg0ArKJSzF2xPWnvuib1EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 14 Jan 2022 13:44:46 GMT

GET
DATA 200
OK truncated
/ Frame 634E 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d50bc279b5d4ad86ac3d4c3e0edb457e2af29150f810f3bc1409eea13f628b1e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 634E 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bc74ae5a4910de1912a8da509316f446d7943621b2a51901496ad90fa0746a1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 634E 2 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 29f0f85b90db2036d36a8713e35e14bba167b893a48a4650a74ea12e9153cd81

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 634E 14 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a7b1949eea2219ea987a66bb180dd106bdc1081096821c26feb682dfc3916f5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 font
fonts.gstatic.com/l/ Frame EFBF 2 KB
2 KB 40ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=ieVi2ZhZI2eCN5jzbjEETS9weq8-32meKCYKe9NyOWY_p5gAiTQHZo7Yk-xy&skey=b54a1a8c4612f15a&v=v19

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed:700&text=W%2EBRONSTHEFLICM%20%7C

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aa941cc6f4c30c17240a16c3c60d7c8cc5f90d4f25ea228cbcc4a3e91ae2e13e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 13:48:19 GMT
x-content-type-options: nosniff
age: 86187
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2424
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:45:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Jan 2022 13:48:19 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame EFBF 2 KB
2 KB 41ms
40ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZKCYKedNxP2AyqJ4GlyodfoX3BRvsYBY&skey=d87779efc0c688ec&v=v19

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%20Condensed:300&text=%7C%C2%A0%E2%80%8BDOWNT%20%2DSIEYHR

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ac7dafdf94610d4d706c010afd579cd8fd3ecddeb299614446ff4c2141920011

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 13 Jan 2022 13:48:19 GMT
x-content-type-options: nosniff
age: 86187
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2264
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:45:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Thu, 13 Jan 2022 13:48:19 GMT

GET
DATA 200
OK truncated
/ Frame EFBF 11 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb26c2d0ea583d840c3e11813bb19c2c6aa53566a7151039fd1970a789d51dd8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame EFBF 14 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13c38843084f9f58022831567aa5cc68e850f5afc0bdc6b5cbe07e73ba435368

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EFBF 10 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 174d898c345ede92120612b8c3c2e068221ae18dd5c56b6ddaf0b20b36879ef0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame EFBF 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fbe01e43d52d6628d548be481aff5191702a3e5edf7ab839130dd292d8145ee

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame E89F 296 B
297 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:regular&text=UNIT%20A6%2D10LDERSMH%0A%E2%80%8BOQVWY

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9be9ebdb476ad87c1a28c689810f635fa49ce01bbe0d85ffdba4e56de3cb2a14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 13:44:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 13:44:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 13:44:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E89F 270 B
274 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans:600&text=250%2D983

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c436ac010f6f001cbf81b6f7e9f6d92c55250b747dd01976662cbd5bd8ed5ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 13:44:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 14 Jan 2022 13:44:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 14 Jan 2022 13:44:47 GMT

GET
DATA 200
OK truncated
/ Frame 7EB8 18 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3bc22749198f18908ca884dad5d4a927413eb052e43779541b9675ef0ebb772

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 7EB8 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1183285afd24c13c39fd8e33391b370d6cbe1026338289e18f8a9a71e2c374eb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 7EB8 17 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6efdc9c3ef80446edb1194bdc645182b7a397cdcd88be580535aa1146a250fc9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 7EB8 17 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ab6809fea3df1a64379671a0a30247079bc95e2aef989c01ccf22bfcf9bafec

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 7EB8 19 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f03ce4f9fde13f9f02f3d6c7f9298e1023c019c3dbb2e8d2bd28a2421d50d59

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 7EB8 15 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ceb5eb7c0737228e6e0e8e97c5999a30c8cb01e67754a8a3fd61fb8f3c8cdc6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame 7EB8 13 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b50329110d22463b58c2b67efe4a63b33f3735f989fb1fc1b3eb3668b26a5677

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 196E 0
0 72ms
70ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsukYl0kopl8jhJU7q2H8U_acj9bb1-rKNHz_YZAZUMBkGafPR2IqMd0q-RPMdqm7_oBwbIN1c73Mto0uPQQP-a9aRLIP2N-adlWWCRxRDV9jeSdwfIjg6duN1Y8g0SIvyLCFKLpRLfnepjF5ZMc33xldC6RGx1VLh7zzrEcwm8eDoUkt7RDSH5RV28pcmNGoRkqPFHJyx24oxLfHGZMgZbPgFex933QU-JC7nv3r_f_j0OOI5LbQiIaUjU7_L-YuTqNypd9ecGdK3w67iMy9h0LK3f6SI70fq7XWRUCT7ZJ7pRshqu9sA&sai=AMfl-YRQbS5Cs4QcuGo2YiYzsF8AkGR28TbIeWmXF5H3jxXkaeUIB2CxcHBlsZodKUGzdBtugsJKtm0jCAo2sfdKkb5tgh0ikknmik31NlIdgYS5clVY4MgLGfjiEK9hfvg&sig=Cg0ArKJSzF3f3GxhWVi7EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 14 Jan 2022 13:44:47 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame E89F 6 KB
6 KB 33ms
33ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0C4ie0005YQgTwcG3Fh2V8SmTfx4CYT19SfrNxB5XA&skey=62c1cbfccc78b4b2&v=v27

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:regular&text=UNIT%20A6%2D10LDERSMH%0A%E2%80%8BOQVWY

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3f61de1746791bfa8dfc2587a173a2cee90920dc26ef9da1661550de6bb090ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 08:34:02 GMT
x-content-type-options: nosniff
age: 18645
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5640
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 21:35:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Jan 2022 08:34:02 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C075 0
0 70ms
70ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOcEVP9Pn4XAFTlQn3Iqt3kWE7XPcO0sRJXkcjQO8miHFb4LZcAcdfhNF94CnNmhnMgUMTiDcTpeS4XzDs-_bVsTeknF-sApQCKC9AQKp78qJYXuPDjMwqUN0JXQ6zA-ZtiZEb5rDeSh2V0wP9ZnFu9LRn85WtbJmUPgwgPnDqlq2JncwGvgb5EDRPuaT-IpamD_68DQ8uyrXgh9Z-ju8r0KpCbpMtG4LxYvx3EO51dLn9y6L-FZMhDj5G41yxmuikAWOxvRQh5ZhSedbEiJ3DhtsHmr9SUW8Sj4HsYko7WPxUjMgM&sai=AMfl-YQSo6jDE7ONWVLPY7VHGV2zG4fukaxibUybAXwg2EeLlfCt_V58wwXErq_aN3R4gE1NwAfiD3irBwe-aveHySgMORedwMk_PNeOjZGYWnIT9HNOCGBSWx3mFg9A16Q&sig=Cg0ArKJSzC-cJlNK9cQrEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 14 Jan 2022 13:44:47 GMT

GET
H3 200 font
fonts.gstatic.com/l/ Frame E89F 5 KB
5 KB 33ms
33ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1y4ie1AT9ZsjSwl-&skey=62c1cbfccc78b4b2&v=v27

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans:600&text=250%2D983

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41e782869667000b00d4900cca67080cecfc9cef41c1e1267bcfddbcc51fc666

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 08:34:02 GMT
x-content-type-options: nosniff
age: 18645
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5576
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 21:35:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Fri, 14 Jan 2022 08:34:02 GMT

GET
DATA 200
OK truncated
/ Frame E89F 3 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc694642ab2e417295aed8107a921b68e5849daf34e7e023d6d52bf51dc78d1a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
DATA 200
OK truncated
/ Frame E89F 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b51b9ca958897eb19629107d10664c44e2a4ff47a510c9940e88198296e82d8f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E89F 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e0aec654b7388be4918792b940da68a0b3eea9989e353299905c63f8ff0826c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E89F 22 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1d58613ec3305e218719f731631f173dc1ed04e9cdb2bcb31690dcf10c9786b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E89F 13 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f8234a26dd578a322bc522b48eb8dbd12b7e6ca856f1248bcedf7cf3fa00328

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E89F 5 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3c683be7818a847cff48e77c42e992811d47c7796c0844d3af45bec774073c4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E89F 20 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa7a463f5dd7d196f0806f92a0ea1181ba882603c34ce79d4a485f13397aa908

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame E89F 22 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23c94c7f4757fc147ce565408feda80a8c936f1d9332d95dee5a3cb90828fc16

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET generate_204
tpc.googlesyndication.com/ Frame BD74 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 08E2 0
20 B 95ms
95ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022010407&jk=3567073384105193&bg=!ZGelZyPNAAaocxMpqHM7ACkAdvg8WieABRBlR3Wb7S8TPoAbS7BdMi0h6gPMFBeqbpoWqZYdBSShaAIAAABxUgAAAAJoAQcKAJ8VOoQRFaBRDeFrrS3dys0cPWIYJe5P_E6hCP7qyGkzXBMp72ARC1Ff6-5W7iTKd2Fv987r8cgpLwKEC6Lxj0w3Mg1EKQh6Fi8Ht8IQ3ElFrMapI2VJBpq55AaH6t5r-CJpP65Eg8UogndYexU2nNmVK65Juc6Pt6uWXfT0At2IMNCp28eQe4g6TBqMqRmkuCsPIfBEfIvf4pT04bsGQ2eZAsrTVnhrWmMdBml0eTN7Isj0Y7bBs84Xxc2Lyi-g8Y0c4GiTW_V5HEovPj3FRXGdlKXe-gc1zmf2LXUshvtJvv4icFFpQ8a9tzB1TEEReo5GWJHs_r9wanri6VRWza4Y7_fuKmvG1SHmDmwe_E2VQ0TMIaPC5JeoExfhWX6Ehf-xRVxJNHvmY9YsPkRZwHfx_Hrw57TKJsqcp34ZJjWqyQnXJhjG2w8w42BSkUBBSl55jrPv8JiBvyOuRd2p9_evMo0AcmRMvgWeq4GcTA70FKjSWP7vWUpOmsrxQ3VijPMW_aSIwI0ixOI3fZ9G5ZLlp_h8-2LrKhWxAOQW9IQZwFRrF4JbBa1LTakniH8zT-nIGVADNx-fyd9AV2stypEQR_qHR-PlklYj2i5L5BHqTJhX0Wnb0xLVhZJDZCgcwqb0pUv7XMpSPq9k7-e1Bu0EA_x9jo0WR0Nidls6JwfdCqxIHtLDERAWj3E__AdChDtshyuXp7jpVbIbupyHCUvqhUzBxKF6Q04ss0pq3MI0VlJ5g1zxMdrhbpUBh_wevqnAyfLgtj8QCeuvDA6baEg1SYtzk6MWeLk81ns_wPjE-a9mxVdB2ZoDNYxJiu7vUcPBmuh0YHBSexCaJgzzUpFP6eeniohwNgFlT2BLUozz__jdnICpx3y8f281ZzV2riDTBl6ZPRnBQp_nOR2JdmDrWrv90mVxWBiSDfj9gRGDIbpImM3AWBfQ3yXAPdNe0bT_bQAq4VmfV7x_w8q8JbnTXBtinVsqqZwD8j1DdvmfsAdppQ7mYsIP7vh-E3tvfW5BIaOULo1XiM2Qbxf_BLKf16PXjNkReywtO1_ARMn8HrxXcAGP-LbNxcHhwRymzGMCUGaIwTNjrww2ONwJ6C_qZaSz_i9iihmKTvo21I2Rri6xXhBAcmMD43NJMm35yG-RFh3hG9y7MJItz1w

Requested by

Host: www.vicnews.com
URL: https://www.vicnews.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nr-1212.min.js Show response
js-agent.newrelic.com/ 34 KB
13 KB 74ms
21ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1212.min.js
Requested by: Host: www.vicnews.com
URL: https://www.vicnews.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: S6r4yaeB6jo_ZylmZ_5cM21n7ZH1t6gc
content-encoding: gzip
etag: "9dfe540eb31e6fc0e0dddd91e3511f68"
x-amz-request-id: CK1S7TGFRKRGF76T
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12828
x-amz-id-2: OGqjKrSebYkUVENKnBZOO4YDw5DwZcRT4aGdJn2KMjFv/e5QUu7w42g0eld1GCwLABtAziS0ZlQ=
x-served-by: cache-lcy19261-LCY
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1642167888.519613,VS0,VE0
date: Fri, 14 Jan 2022 13:44:47 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 10048

GET
H2

200

rt=ifr Show response
bcp.crwdcntrl.net/5/ct=y/c=14243/rand=650180389/pv=y/int=%23OpR%2396012%23www.vicnews.com%20%3A%20Total%20Site%20Traffic/ Frame BA90
Redirect Chain

https://bcp.crwdcntrl.net/5/c=14243/rand=650180389/pv=y/int=%23OpR%2396012%23www.vicnews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
https://bcp.crwdcntrl.net/5/ct=y/c=14243/rand=650180389/pv=y/int=%23OpR%2396012%23www.vicnews.com%20%3A%20Total%20Site%20Traffic/rt=ifr

1 KB
2 KB

56ms
55ms

Document
text/html

34.249.68.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=14243/rand=650180389/pv=y/int=%23OpR%2396012%23www.vicnews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/c/14243/cc.js?ns=_cc14243
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.68.36 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-68-36.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 011fdae7f425dc8c9e9ebded8d6ad74f2aa1538e1e70eaf7a34873244bfb0f16

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

date: Fri, 14 Jan 2022 13:44:47 GMT
content-type: text/html;charset=utf-8
content-length: 1354
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.11.76
access-control-allow-origin: *
server: Jetty(9.4.38.v20210224)

Redirect headers

date: Fri, 14 Jan 2022 13:44:47 GMT
content-length: 0
location: https://bcp.crwdcntrl.net/5/ct=y/c=14243/rand=650180389/pv=y/int=%23OpR%2396012%23www.vicnews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control: no-cache
pragma: no-cache
expires: 0
x-server: 10.45.16.172
server: Jetty(9.4.38.v20210224)

GET yql
query.yahooapis.com/v1/public/ 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 92ms
50ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022011002&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0366804c99260d439835118c788cd3e88e4a169a033f99fc8ece551742232418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8655
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
34ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1962656279&t=timing&_s=2&dl=https%3A%2F%2Fwww.vicnews.com%2F&ul=en-us&de=UTF-8&dt=Victoria%20News%20%E2%80%93%20Victoria%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=5034&pdt=9&dns=0&rrt=95&srt=170&tcp=73&dit=2339&clt=2339&_gst=1605&_gbt=1750&_cst=1346&_cbt=1599&_u=YEDAAUABAAAAAC~&jid=&gjid=&cid=1888553978.1642167884&tid=UA-17100516-1&_gid=141747012.1642167884&gtm=2ou1c0&z=149540769

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 20:14:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63022
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
34ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1962656279&t=timing&_s=2&dl=https%3A%2F%2Fwww.vicnews.com%2F&ul=en-us&de=UTF-8&dt=Victoria%20News%20%E2%80%93%20Victoria%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=5034&pdt=9&dns=0&rrt=95&srt=170&tcp=73&dit=2339&clt=2339&_gst=1605&_gbt=1750&_cst=1346&_cbt=1599&_u=YEDAAUABAAAAAC~&jid=&gjid=&cid=1888553978.1642167884&tid=UA-17099191-3&_gid=141747012.1642167884&gtm=2ou1c0&z=48083085

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 20:14:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63022
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
34ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1962656279&t=timing&_s=2&dl=https%3A%2F%2Fwww.vicnews.com%2F&ul=en-us&de=UTF-8&dt=Victoria%20News%20%E2%80%93%20Victoria%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=5034&pdt=9&dns=0&rrt=95&srt=170&tcp=73&dit=2339&clt=2339&_gst=1605&_gbt=1750&_cst=1346&_cbt=1599&_u=YEDAAUABAAAAAC~&jid=&gjid=&cid=1888553978.1642167884&tid=UA-17099191-1&_gid=141747012.1642167884&gtm=2ou1c0&z=1961494183

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 20:14:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63022
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
34ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1962656279&t=timing&_s=2&dl=https%3A%2F%2Fwww.vicnews.com%2F&ul=en-us&de=UTF-8&dt=Victoria%20News%20%E2%80%93%20Victoria%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=5034&pdt=9&dns=0&rrt=95&srt=170&tcp=73&dit=2339&clt=2339&_gst=1605&_gbt=1750&_cst=1346&_cbt=1599&_u=YEDAAUABAAAAAC~&jid=&gjid=&cid=1888553978.1642167884&tid=UA-17099191-9&_gid=141747012.1642167884&gtm=2ou1c0&z=1215533470

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 20:14:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63022
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 34ms
34ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1962656279&t=timing&_s=2&dl=https%3A%2F%2Fwww.vicnews.com%2F&dp=%2Foap-weather-widgets%2Fcurrent&ul=en-us&de=UTF-8&dt=Victoria%20News%20%E2%80%93%20Victoria%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=5034&pdt=9&dns=0&rrt=95&srt=170&tcp=73&dit=2339&clt=2339&_gst=2587&_gbt=2588&_cst=1346&_cbt=1599&_u=QACAAEABCAAAAC~&jid=&gjid=&cid=1888553978.1642167884&tid=UA-31945348-1&_gid=141747012.1642167884&z=2037801571

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 13 Jan 2022 20:14:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 63022
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK e4824da135 Show response
bam-cell.nr-data.net/1/ 49 B
715 B 287ms
238ms Script
text/javascript 162.247.243.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/e4824da135?a=96620524&v=1212.e95d35c&to=NFVWZ0YCCERXAkxeXQ0fdVBACglZGRJIGlQRX1pH&rst=5117&ck=1&ref=https://www.vicnews.com/&ap=1073&be=361&fe=5034&dc=2339&perf=%7B%22timing%22:%7B%22of%22:1642167882423,%22n%22:0,%22f%22:95,%22dn%22:95,%22dne%22:95,%22c%22:95,%22s%22:129,%22ce%22:168,%22rq%22:168,%22rp%22:338,%22rpe%22:347,%22dl%22:341,%22di%22:2339,%22ds%22:2339,%22de%22:2371,%22dc%22:5034,%22l%22:5034,%22le%22:5050%7D,%22navigation%22:%7B%7D%7D&fp=2401&fcp=2401&at=GBJVEQ4YG0o%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1212.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:44:47 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6cd74d11790571a8-LHR

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022011002.js?31064083

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 13:44:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 14 Jan 2022 13:44:47 GMT

GET
H/1.1 200
OK utsync.ashx
ml314.com/ Frame BA90 43 B
422 B 198ms
36ms Image
image/gif 52.208.138.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ml314.com/utsync.ashx?eid=50146&et=0&fp=c06fd4f6ffbfb0e6deb4c75932af088e&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=14243/rand=650180389/pv=y/int=%23OpR%2396012%23www.vicnews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.138.90 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-138-90.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 14 Jan 2022 13:44:47 GMT
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
p3P: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0,Sat, 15 Jan 2022 08:44:47 GMT

GET
H/1.1 200
OK lotame
sync.sharethis.com/ Frame BA90 42 B
232 B 242ms
44ms Image
image/gif 18.198.109.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.sharethis.com/lotame?uid=c06fd4f6ffbfb0e6deb4c75932af088e&gdpr=1

Requested by

Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=14243/rand=650180389/pv=y/int=%23OpR%2396012%23www.vicnews.com%20%3A%20Total%20Site%20Traffic/rt=ifr

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.109.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-109-212.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:44:47 GMT
Connection: keep-alive
Content-Length: 42
Strict-Transport-Security: max-age=63072000; includeSubDomains;
Content-Type: image/gif

GET
H/1.1 200
OK 5907
tags.bluekai.com/site/ Frame BA90 62 B
304 B 303ms
191ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/5907?limit=0&id=a0bbb234a25f8cb6991e1041d968c043
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=14243/rand=650180389/pv=y/int=%23OpR%2396012%23www.vicnews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 13:44:47 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2 404 insync
thrtle.com/ Frame BA90 0
0 337ms
110ms Image
text/html 35.171.124.114
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=c06fd4f6ffbfb0e6deb4c75932af088e
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=14243/rand=650180389/pv=y/int=%23OpR%2396012%23www.vicnews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.171.124.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-171-124-114.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 382416.gif
idsync.rlcdn.com/ Frame BA90 42 B
417 B 127ms
59ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/382416.gif?partner_uid=c06fd4f6ffbfb0e6deb4c75932af088e&gdpr=1
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=14243/rand=650180389/pv=y/int=%23OpR%2396012%23www.vicnews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 14 Jan 2022 13:44:47 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 g.json Show response
aa.agkn.com/adscores/ Frame BA90 103 B
416 B 165ms
56ms Script
application/json 35.156.119.137
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by: Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=14243/rand=650180389/pv=y/int=%23OpR%2396012%23www.vicnews.com%20%3A%20Total%20Site%20Traffic/rt=ifr
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.119.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-119-137.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://bcp.crwdcntrl.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:47 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: application/json
content-length: 103
expires: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7FBC 42 B
64 B 93ms
92ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoQtZXB7yGKVvGUqeKS6hUU892J3gHHAV5qJ7Yi1uCx3XAb9B5h2xl51brdIQP-TAuPDaXDaNZEx4RGSs9qKY4kzE7NxX5jXlGqroEOOVixSZEZ5W4&sig=Cg0ArKJSzOFNaMvwdrlfEAE&id=lidar2&mcvt=1000&p=140,315,170,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=635914923&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642167885554&rpt=1035&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0EE8 42 B
64 B 90ms
90ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstKuVNtNQiOijoqS1t1r39LySem6Ty78iaPmlA0oYGgSX6miSq-rjhmKqImZAH9_OmglbatvoYUBbO42tiB-oQlYxcTkIHOnAfVtS1lEqUnnmElArkY&sig=Cg0ArKJSzBBQ085Hu-FEEAE&id=lidar2&mcvt=1006&p=914,315,1164,1285&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220112&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=30&adk=3984404392&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1642167885549&rpt=1036&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F412 13 KB
5 KB 52ms
52ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Fri, 14 Jan 2022 13:39:53 GMT
expires: Sat, 14 Jan 2023 13:39:53 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 294
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C0EB 783 B
536 B 67ms
66ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b551e003c8590a821931502ea3480d3cc4f2d09fc5d4ebc82673f153a83197ec

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3FSc4aqyros4kYGzX9WCPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 14 Jan 2022 13:44:47 GMT
date: Fri, 14 Jan 2022 13:44:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-3FSc4aqyros4kYGzX9WCPw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js Show response
pagead2.googlesyndication.com/bg/ Frame F412 35 KB
13 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/u1NYxsmA8ZVAu2sVzPZBh4qj2FMOPiJd8uWeqwBcPdE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 07 Jan 2022 21:05:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 578370
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13653
x-xss-protection: 0
last-modified: Thu, 06 Jan 2022 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Jan 2023 21:05:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C0EB 0
0 76ms
76ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022011002&jk=2227910275115628&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET generate_204
tpc.googlesyndication.com/ Frame F412 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 87ms
87ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022011002&jk=2227910275115628&bg=!FRalFlLNAAaocxMpqHM7ACkAdvg8WnKKa12gqUSiL3tScsE1bt0_Er22XlkQ5TZ5kfHrS-aAw1BSuQIAAABVUgAAAAJoAQcKAIlUv_m_A44tdQ6-89OfwGTUth4QbVqZuuuRthnOFrEk3VfbztJM6VdQcOR9PBvQ2ezRW1iPNzvpJ00nDblbGlNw7J6W-uNHi3yTqKcU_ZYMQXe0VxhHRZoZAtP4axNWNuhmu9WFpsBldH2LsoiajBANuFQhBsk20at74RkyRI1cz5rPn2Auc_cTQ5kCupo2JLxnvrcukf3CgwLZjCC4bAZHG6OAEB-udOKkpGFafb9tx1Uq7a0MB6Bh_ULjFJlTCoFla17fyfPvn37rcmV2VbSqIM1K8Uc7-ZJzXZjB15eKhTMPUjKF3YMyG40NExUZgL9PZvBI57jQweZwpz_fkSHplANUREWToqN-e_EBuJFtjeWPNf5OL-SqRK--h8HblfeQT2Tdlax0XjJSfdjU-wr5H7cA9wieHn9R7rcc1-IoJByv8iHCqkwL7q0MBKPWvP0tG1D18npMr0G_jBIhkT28RhsrOA7KLQVE2Uj1oUXLAxj4Eg01AclNgx7t20zNhttid013fbKhrxBoQGtPZdaouFHRgF-s48U9ha0JDyIfjL2KgQfwn5QAS6fvY1mzoIS1Y5OryA5DLAo3TpHKEWc-SU7mmuVMfHQTgNBpDPkfhSDBOcjFiWVy99nCPsJUClpX31ylDOs8g5PJfQar1i2vonAPHgJL1YybvChulKZAwO_qAA8AIBA5cu3wTMZ5aEjHhWJr3GAltTQLFY1Aaln6mQxtbh3nAcvoujGlCGweodGRb05x9-V3_gq-GbgUvrPfXcqapkwedt5WTnQMk9GeFhcX1iAc5Q8-J_IOFhjTJrlzLhAs9yKJ7BGUc6n3xziBbBtDaW1RkGs6AOuh-BX-dY4DVnCaWfDq_50ZjxggW7nvrHo2Ow135Zh0DEStRU2ePZy9I-ej2-VS868IW9htYbXzRkCmLVkh95H05vUvZ_jz-5V1Nu6-zvRjidqXFvmPrszC4ts7YyvcpgisFZ-qx9rUuJqQyeMW2Nrp-E4_FYlaikGEDqsLAA0_Dg7ybK4N9yvTGE--13sRMgZibnfV_wQICLzUHirHSa25KBNZYOlBKihJODg7EFDu5EcXxBa2QdzOH464gqXhSinMaHrIcV2IkSEn

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.vicnews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 13:44:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A648 28 B
54 B 63ms
62ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/18da33ed/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/vBKRNrKn2Ss?feature=oembed
X-YouTube-Client-Version: 1.20220112.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgsySzNCdHVxMnlpbyjN_IWPBg%3D%3D
X-YouTube-Ad-Signals: dt=1642167885844&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C312%2C234&vis=1&wgl=true&ca_type=image&bid=ANyPxKrN9F42k--cB1ngDcfim3XCmd9vtNbzAzPT2ZEeV--n-fZRWZNhPKCS3eKze_bHhqTv3bbi0OMZ_BfLcqV9W6-Td1_Iew

Response headers

date: Fri, 14 Jan 2022 13:44:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Fri, 14 Jan 2022 13:44:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?ySU60g

Domain: query.yahooapis.com
URL: https://query.yahooapis.com/v1/public/yql?q=select%20*%20from%20weather.forecast%20where%20woeid%20in%20(select%20woeid%20from%20geo.places(1)%20where%20text%3D%27%20V8W%201E4%27)%20and%20u%3D%27c%27&format=json

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?rUq44A

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.vicnews.com/	1970-01-20 00:19:32	Name: AWSALB Value: +RKmGUHVlsqxOC+NGr10pOXh+CN4xfZjKNWoH1c0QFRpBJhAlvUVX4PHeyJSNm9C8fcZDBJ2TRZW6ZOJTnpISmmWcFklHxxvz+VrCHfllmMj+IWhzKrYOR0/WehB
www.vicnews.com/	1970-01-20 00:19:32	Name: AWSALBCORS Value: +RKmGUHVlsqxOC+NGr10pOXh+CN4xfZjKNWoH1c0QFRpBJhAlvUVX4PHeyJSNm9C8fcZDBJ2TRZW6ZOJTnpISmmWcFklHxxvz+VrCHfllmMj+IWhzKrYOR0/WehB
www.vicnews.com/	1970-01-20 03:31:03	Name: blaize_session Value: 8e0f80c8-d86d-4c42-8dd3-48973a339467
www.vicnews.com/	1971-01-20 00:09:27	Name: blaize_tracking_id Value: 99de29eb-1c89-47af-84ee-be68473cc56c
www.vicnews.com/	1970-01-20 09:38:15	Name: _cb_ls Value: 1
.vicnews.com/	1970-01-20 17:40:39	Name: _ga Value: GA1.2.1888553978.1642167884
.vicnews.com/	1970-01-20 00:10:54	Name: _gid Value: GA1.2.141747012.1642167884
.vicnews.com/	1970-01-20 00:09:27	Name: _gat_gtag_UA_17100516_1 Value: 1
.vicnews.com/	1970-01-20 00:09:27	Name: _gat_gtag_UA_17099191_3 Value: 1
.vicnews.com/	1970-01-20 00:09:27	Name: _gat_gtag_UA_17099191_1 Value: 1
.vicnews.com/	1970-01-20 00:09:27	Name: _gat_gtag_UA_17099191_9 Value: 1
www.vicnews.com/	1970-01-20 09:38:15	Name: _cb Value: GqoiXu3qdCWaPHn
www.vicnews.com/	1970-01-20 09:38:15	Name: _chartbeat2 Value: .1642167884786.1642167884786.1.CSNILTCIpkchDunrd2D9ZAlRDfovqR.1
www.vicnews.com/	1970-01-20 00:09:29	Name: _cb_svref Value: null
.vicnews.com/	1970-01-20 00:09:27	Name: _gat_awxoapTracker Value: 1
.doubleclick.net/	1970-01-20 17:40:39	Name: IDE Value: AHWqTUmpCfKQCjqHRyi_dzxxDOjvjRQFAiQfBzpWp_9Z1KhjVvo3j-rA-MzkR6FHedg
.doubleclick.net/	1970-01-20 00:09:28	Name: test_cookie Value: CheckForPermission
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ntfvCrHJgGk
.youtube.com/	1970-01-20 04:28:39	Name: VISITOR_INFO1_LIVE Value: 2K3Btuq2yio
.freeskreen.com/	1970-01-20 00:19:32	Name: a Value: MzYwND0xfHw7NTE2Mj0xfHw7
.admanmedia.com/	1970-01-20 08:55:03	Name: admtr Value: 81f23864004057f44b8c9763aaba0692568e2ba7
.tremorhub.com/	1970-01-20 08:55:24	Name: tvid Value: 4d5e4f57d16e46758b2ef415364ba8d7
.freeskreen.com/	1970-01-20 00:19:32	Name: scmtid Value: c2NtaWQ9Z2liZmlpaGdiY2VnYmJ4VHV3NndzeEJ8MTY0MjE2Nzg4NTE4NiZhY2lkPSU3QiUyNFVJRCU3RHwxNjQyMTY3ODg2MjMy
.vicnews.com/	1970-01-20 09:31:03	Name: __gads Value: ID=446b8d2214f56f67:T=1642167884:S=ALNI_MYUtx6Y86bti7okqBWf3rPaXaE0Hg
.crwdcntrl.net/	1970-01-20 06:38:13	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 06:38:13	Name: _cc_id Value: c06fd4f6ffbfb0e6deb4c75932af088e
.crwdcntrl.net/	1970-01-20 06:38:15	Name: _cc_cc Value: "ACZ4XmNQSDYwS0sxSTNLS0tKSzJINUtJTTJJNje1NDZKTDOwsEhlAILEh3X%2BIBoCuPbOui7PuDif4T8jI8ObT5Yw5rmjh5hh7N37LgvA2DOuXdKBsVcdV4cx3y2ZwwJjH980Bc4%2BvBgh%2FgyJDQBONTZM"
.crwdcntrl.net/	1970-01-20 06:38:15	Name: _cc_aud Value: "ABR4XmNgYGBIfFjnD6QggImBI2APiMkRWAgkAUbdA%2FA%3D"
.rlcdn.com/	1970-01-20 08:55:03	Name: rlas3 Value: GaIfiGhMKviOW3D9HalzmyzEXvu1HHdvIc50XeRWz2Y=
.rlcdn.com/	1970-01-20 01:35:51	Name: pxrc Value: CAA=
.agkn.com/	1970-01-20 08:55:03	Name: ab Value: 0001%3Ah6s18kH%2BxT7hJWYL%2BLlOxmyQUikx8Rc4
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: 3792530daaba06ff

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=559248 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=184013 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=573971 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=197799 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=1044853 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=540799 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=262079 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=1045722 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=650624 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://analyticssystems.net/api/v2/ad/impression/91532438-f31b-4086-8018-7cd68ddba2a3?rand=162691 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://query.yahooapis.com/v1/public/yql?q=select%20%20from%20weather.forecast%20where%20woeid%20in%20(select%20woeid%20from%20geo.places(1)%20where%20text%3D%27%20V8W%201E4%27)%20and%20u%3D%27c%27&format=json Message*: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=c06fd4f6ffbfb0e6deb4c75932af088e Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4rfnv3jdfte8qj2229aqgj4h-wpengine.netdna-ssl.com
8079f97ae1267478f6b9229d87fa84ef.safeframe.googlesyndication.com
a9cd1c763ed000817391a7009c856ea4.safeframe.googlesyndication.com
aa.agkn.com
ad.crwdcntrl.net
adservice.google.co.uk
adservice.google.com
adservice.google.ie
ajax.googleapis.com
analyticssystems.net
api.dosomegood.ca
bam-cell.nr-data.net
bcp.crwdcntrl.net
content.jwplatform.com
cs.admanmedia.com
d3plfjw9uod7ab.cloudfront.net
eus.rubiconproject.com
files.dosomegood.ca
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
idsync.rlcdn.com
image.issuu.com
includemodal.global.ssl.fastly.net
js-agent.newrelic.com
loadeu.exelator.com
media.volinspire.com
ml314.com
oap.accuweather.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel-us-west.rubiconproject.com
platform.twitter.com
query.yahooapis.com
s0.2mdn.net
sb.freeskreen.com
scm.publishers.tremorhub.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.doubleclick.net
static.freeskreen.com
stats.g.doubleclick.net
sync.sharethis.com
sync.smartadserver.com
syndication.twitter.com
tags.bluekai.com
tags.crwdcntrl.net
thrtle.com
token.rubiconproject.com
tpc.googlesyndication.com
vortex.accuweather.com
ww1772.smartadserver.com
www.accuweather.com
www.canadianevergreen.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.vicnews.com
www.westcoasttraveller.com
www.youtube.com
yt3.ggpht.com
query.yahooapis.com
tpc.googlesyndication.com
104.111.214.80
104.111.215.191
104.244.42.72
13.32.99.68
142.250.186.162
146.148.100.136
151.101.1.194
151.101.12.157
151.101.2.137
162.247.243.146
18.198.109.212
18.66.122.126
18.66.139.106
18.66.97.8
185.86.137.17
199.187.193.166
23.37.42.132
23.79.143.124
2600:1f18:612b:4200:2a91:c38f:5261:5805
2600:9000:223c:4600:18:1fcd:34f:cdc1
2600:9000:223e:200:13:a391:88c0:21
2600:9000:2240:4800:16:8147:1b00:93a1
2600:9000:225e:dc00:1:a3fa:7cc0:93a1
2606:4700:3030::ac43:8fe0
2606:4700:3032::ac43:cb69
2a00:1450:4001:801::2002
2a00:1450:4001:803::2003
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80e::2006
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2004
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:812::2016
2a00:1450:4001:828::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9c
2a04:4e42:200::622
34.235.184.233
34.249.68.36
34.254.143.3
35.156.119.137
35.171.124.114
35.244.174.68
52.208.138.90
66.209.187.158
69.173.144.138
8.2.111.137
8.39.36.142
94.31.29.99
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
003031dc9dba70e21c24880e4927e3331cac3ea1c2a70d67d38c1a6f52c6fb16
011fdae7f425dc8c9e9ebded8d6ad74f2aa1538e1e70eaf7a34873244bfb0f16
0366804c99260d439835118c788cd3e88e4a169a033f99fc8ece551742232418
03d38b54dcaba10d86acb105f10fe7a6a74f6935921d92d89f5d1965fa304d88
04ad731c6e5054016b44319196c463d6840fd435901ab9d3baf2a3047ef25b01
05388e4e06443ecea737c8a310bf50192c39b210d2d153127899365aa98e7609
06ffe5fc30946eaeb1ac7b0fa0fc3314d51cc59c7ef5a9ba0d97ad8bf3686cf2
07989fce6a6a8a3e2d6a809effa05f2530edc3b4bd2ce0d4075d9754dc4b0e9b
0832b1aad8b9b5de1cf5e562d763533c1f167b0492a0edd4f9172db794e70cb2
08f71e3dfe76ba6bd96a9474751c9baaf5fd53a3ca529cc6dd8bfb2efdfce74e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c284552c6c3d23696e2428bc032c1e71989d03fda9659a880560709c7af6840
0c8ecde52241236d3d6616c649c14b4e9ca296acdc1fa62b34df89d1e5faa628
0e170c9937c98d33429f5c6775a729a040109b112f8e4b3f2647e8fb0530789d
1183285afd24c13c39fd8e33391b370d6cbe1026338289e18f8a9a71e2c374eb
127be23a0e604312a0bb1306cc3d4974ca29084e2f979f12e679b1103dae3cfa
12cc8a8c6b1a93a053c9b680e565983dde1cc4e531b423b5183ae12d41ed277c
12e30944fe6674c8e5ba50af5d6799ef4ad80182df101abf97d3879122361f3b
1362f0a857751cdedba4addcf37faf123fc9044cf8949d3ec09ae8ddb5f83df3
13c38843084f9f58022831567aa5cc68e850f5afc0bdc6b5cbe07e73ba435368
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
14876f4f20e33a14a759aecb5e292f297e291f200af19ae30eacb237a14678e4
174d898c345ede92120612b8c3c2e068221ae18dd5c56b6ddaf0b20b36879ef0
18d6f0ef68a5d7579b70dc822677d2c6517f0773a0d51707535c00a43bc848fa
19f4edf9189f8d003c27b29fcb6f1f1085660470101374fda6648c41d4280a60
1b96e21adc8ecf230edda1374bf14d7a7839f04a1b38b863c9adb15b09e26da1
1f03ce4f9fde13f9f02f3d6c7f9298e1023c019c3dbb2e8d2bd28a2421d50d59
1f1e2b9fc7db7293f9acdbb9f8cebc3a69f6a3da07833bbac64e0b810e1de03a
1f8234a26dd578a322bc522b48eb8dbd12b7e6ca856f1248bcedf7cf3fa00328
2039446f8956518da2c2d70116d18c92fac3b04110942de074748aa4041067fb
20fdddd8c2a961b332d320c3c73e85b7205a2ca4b092779182765f8a366e7311
23c94c7f4757fc147ce565408feda80a8c936f1d9332d95dee5a3cb90828fc16
23d6ed861138f4455f0c963e3fe4c4eb80542a3ebe4eb1f8f38f068c304167b0
266da7cbd703389ef96dd0e08434656b163a577d96470bb197e32ef2decf1095
27006ae8716b071cc8dc854de1dd40f7af3ba0d2bb6a6d3ed0c60148e01fea92
2701d3a4c96041465ec17641c3f34f2d3e3395ac2d1143c12d55c6f1eb4f2e81
2963fd2b223f81b04ccf95ef0e14340fd0e5a97edbe6ad856b7f01e9b6870293
29f0f85b90db2036d36a8713e35e14bba167b893a48a4650a74ea12e9153cd81
2bdadf8a69fb9e2f22a8e2e703f4aa5e78fb6477d5a873b89a8d0352ab37886e
2e1d758c731e4f8a1f8b5259adaec7cf55dae806aa278204e06d04e7bb21e2c2
31e094c447759125b88f9012874bdf603301d99703a77718e56f0f59ae2168d9
329db6e8e06675d2772e86e236de8f20081e9d2653c3c64c408464f9e10c34b2
3629c302d434d809ef14298003322c61a1ecd7d3903738beb8412903a06e3d16
3672bea8395ad10c86323a17a3a9023e006b1344694edcc60011ed753915cf1c
372fd1cec3b746a49f8224d6b19e0270dbded9c18507749962cf404d515a5944
37d2aff7031e01ae0560d951883775d97c9d8fefa780440f643d2d5e18a0db3e
3a7b1949eea2219ea987a66bb180dd106bdc1081096821c26feb682dfc3916f5
3aa408e9a3cd7b67f583e0c5037737de9edf074034eef6ffbf4d46f027f865e5
3ad85393e2919649ed19644d46e14c7d5593ca87c12c18b0a3dc1b9fc7e6608f
3bc7d7663e920ea1a1ec97e7301c1644225cdfb02f2a3338c9b97aabee9da631
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f61de1746791bfa8dfc2587a173a2cee90920dc26ef9da1661550de6bb090ef
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40770ac17098fcd945d5c731206b7506f8bf77b37af06a7ca69ada82583948da
41e782869667000b00d4900cca67080cecfc9cef41c1e1267bcfddbcc51fc666
42398b9197177b5545f8f0ac2e1d06a502fee0c31547a1776e15393993bbe752
423db23bb2f572f66b990e1f00b57fbf2c4e7ce4218e55b9e02aed41d9460fd6
44cd9fe49edb103ac3cc88657d18ff0e0688138a4fcae6a793366b43cc7461e0
461b345c9be55a5a6d0a2b3c9b39b060cdd4d5c7bff2c410b3c6f8b77f17cb25
485406eab1653549b93fba2d2b83bd7903bd1ad9ef111cfa6db51bc5818a21f8
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ab6809fea3df1a64379671a0a30247079bc95e2aef989c01ccf22bfcf9bafec
4ac9d95327a46f8e7ba54f99217f67611a10f4c8eb4c1b1809686d24b28dcba3
4d74d7a1dc5eae37e46236249dc28454c0fea535c807509461b7a65d5e142cbf
4e0aec654b7388be4918792b940da68a0b3eea9989e353299905c63f8ff0826c
4eecd11b7c5edcb48e0f17a117e40361ce82605e0d6d1d2d3bd5636eaa0ce28f
50398432a2d90d30daa833b7d1ed29b8c56fcc046e83b8b03eed15d29fca6546
512022fa5de5495d3b452e21c96170f75a467bf9b6e89da779343faeb561b917
550293d53f877418677d1a2809ec860525d8030566be73663cadb592b924b721
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573b7f293fa9030abbea24db9fe6f9b69e4ee6cf2ebcd68b061429d7c96099fa
59281db353559038a75c458b703bafbbfb9cbfdfcbfeefa46ac04056db52d08d
5aeae9effa57334a2f01fe5bc138d28d2a378a9fa24b94bb37dcb5dc23135e86
5b5a69c63e50ccb87873ee61f375dd0cd73fd1c2d4c2bfd48f7a6e01c7578f35
5b81c92761392757029b506aa0f4375d79cc67758c0dae349a4e5eb1ec5ca77e
5bc74ae5a4910de1912a8da509316f446d7943621b2a51901496ad90fa0746a1
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c1def94c2e6b1052c5c23e8fef1791e4c4d6e32d82603cfcab9889985aa0416
5ca40842f5b85e46ae0d15b67a4aae24b008d652a108acc8da69689781ab286f
5f05a0a756f162def9263e564d58b33b32f65815ad59a320cd975bba0b49bff0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
640c9cbb97ba18dc1bcde7f36eed441db79a02b0912d0f4325d4b475d3b84565
6473ebaf8c82600b4d52c041d815e04b384dfecf7012527569eb7f79ad1dddd9
65ccb685abe71590d34cc032be765c650d6c0251634cc18c6a764e658edc474b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
6984d9bd1e6367baff7e688d1b6d970ba7fef890ae81c6faa41950c3531e5143
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b8e2e17690c708e13800acc2079de828cb2304ec5743af737724761fc310d33
6cc854ff3b583e13e71d5c9256e5d17ccc3fdf7f00d6e411c2616de7521743c6
6ceb5eb7c0737228e6e0e8e97c5999a30c8cb01e67754a8a3fd61fb8f3c8cdc6
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6d38061da8e00723b973cf0cf7ec69b0913babaf65bc4fabd3ff2a89e9b9de2c
6efdc9c3ef80446edb1194bdc645182b7a397cdcd88be580535aa1146a250fc9
6f1c3f7105f5f92d49b7e0102a29617d715788ac9e882bb0fe1ceefffa64a67b
704d7984728cfb2ad19277a3646524d8b698bc2500faefc3b7c18ccb12c875e2
707c351182a9bbbbcb8dce53597e1293ff3286aace7f7dbfe682718ce3f7840b
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
728da6489d38703fff1c6f0f3c35611500d6098b945d200d59457d580e15ff70
73b4f77e35b5ba1f212adc6b97318aa5f4911030af527b545824caf06d55f042
75807a010dd395e2989544d4deed5bc3d8d36b11bed0a8ea310fcb43e8442183
767e445884a516b5b272713c012a16dd4c355f4b9d605a5d366a876b1f7403ab
79a08289919a42ed95aa44e9d43ca6bf69986fa8c3a724318ede734f3820380d
7cf8038cdcb3a550073aab5fe3af30ce5a1d5c177758dbbd5e30810e57016c13
7d7925c2f2ef5a3e5bd205622ba17ab9657c5f1c7c3d9100ed41c2f76bd564ec
7ddf297c6ba76d1ac0567ba625106e8d60fc34429fd90791a8f400d489d69e2b
7e9f08f58b3a84158e4866ed48515bae079474dbbcb191156de07278f0b44b7f
7ee7da6701b0e8f97f1e68db244f56f0a449e0db12454ba66e053f9924413833
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83a9ab434109bc8045cf6ccdd0365b0e53b6acf155438de7370ce67fd0facc79
8429ee59d5d95144466d7413643de29e3510229af8bfd87b05b44454448ce43c
847828ce76d2de856454fd299bb28a970df5c2a07496aa8372d82482f47b46a9
8c3b4dc6462c11e820587fef21d3425d418b380ef8654185b31e61ac840bca21
8d814d5a5e1eb7d60c1147f676fb09de9ad09f4cc12ca141eacf797bd78a0460
8dccb24c90de65a4ea4dd4924aadf190762bf486d4a3cfa433df69392ec554ef
8e64b6a5f5d5a0b8ea6607cce599ac853ab87509f1720e6da90f5d400a3014f2
9026ae0dbf1a46ea51395e667d0beb6ac57fa3d8d7df335d5c253b4a92067e48
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91e440c12bc7ab89da456af7977a7822d5ed0530cba7cfc606d46ec53ef11807
91ee81473c12b0432e18c883c266b1977810757969e9bdfb6873d049605ccabf
9441affa4466bff426b0a969690d957f24719bfd7aa82ef64e35f1998b2c8c42
964dc3d3a34759026f668a0d0cb271fbdc91859952d7e9bb49681a5cdb2c7fa8
9a56a80cfbd87bcd83879b36aa8ed431326879e2463b4e4652377f44b1f622ff
9abccc1d5a6ece20fd8459287221f1a50069efc85c38301ef9dc036b093153fa
9be9ebdb476ad87c1a28c689810f635fa49ce01bbe0d85ffdba4e56de3cb2a14
9bf39525e3f021f8ee678d293c118f8cd7bd2459d505ed31782655f907533fc1
9d6989cd58600aba8e1458903ffeba2247469ad439338a8be655833bdaffce84
9f22e381b9b2272051de45f52f70eb6c15f45a7e8d4a9f31cde0e3471ee7577b
9fbe01e43d52d6628d548be481aff5191702a3e5edf7ab839130dd292d8145ee
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a9324c503cc885e5bf568d8c5de12c34c0adc3a4990d547a4514179108badd
a1d58613ec3305e218719f731631f173dc1ed04e9cdb2bcb31690dcf10c9786b
a30cf27bf4f5e5a36691545e2adf296b8c7c8c8fca7d0d34fec9773b4cb1ac31
a33e5eabe8194daabd884f585bc604e066f0aa864becfb870ff501c4aeac7ff6
a36f4c3e6634f56e8705e8210d938058df25ae5ce1c003cfacbe76b88f4f4597
a3b96368369f7b3e5080b49b59c3c96d8f3e00c3f20c35bea324f49fe5b2a223
a4594261b8eae1780f909ccd0b71e57384c43c5a7467e299ef25b5d33e9063be
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a60d5b9e06c7c8379ccd72c6a900d126058c9d0216deae6ea679c52d623cc3e2
a65142d3adfb3ba55652c518ae1f2824e2ff430c8371bc485ba88f46b83fd58f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9768898aff83f21ad86e870521d5950ec2016e3e71a0338c299d92de1293991
aa941cc6f4c30c17240a16c3c60d7c8cc5f90d4f25ea228cbcc4a3e91ae2e13e
ac7dafdf94610d4d706c010afd579cd8fd3ecddeb299614446ff4c2141920011
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1408d3409cf025b81587ee524f097153ec59c1e5dc04476ec29badb7e6d8e3c
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2526f7e64586dd414f1a6c6457a7706442bc460e2f34d1af71c5e0b7d4f70c5
b4e4b5f8411a34d61a21827a8d3c221821e3a938f87e6c49af63b5fef34976c3
b50329110d22463b58c2b67efe4a63b33f3735f989fb1fc1b3eb3668b26a5677
b51b9ca958897eb19629107d10664c44e2a4ff47a510c9940e88198296e82d8f
b551e003c8590a821931502ea3480d3cc4f2d09fc5d4ebc82673f153a83197ec
b663419733f90e316eda931466ed2777ac88965474ff4cb1cb8ce4e78f4aa87d
b9517520826c7286a1298e06934eafe8dc3cf7aaa60d0568f3a4f2d35aca1bf3
baa31e6a37a6ac9e8011f25fbd97e9d31707d917d756ea0438f0c5d3689e14c0
bb5358c6c980f19540bb6b15ccf641878aa3d8530e3e225df2e59eab005c3dd1
bc694642ab2e417295aed8107a921b68e5849daf34e7e023d6d52bf51dc78d1a
bd5ca88938d0fa04efcde126f13b5ffa5e22a6e21c2e7907cf875ce610b8fe4b
bfd1c401f85a0fd4319ecc0bcb96ab96857dde344d688d72cdc7a2e76771d2e0
c0aee472aeb8982d5544128d163abd9db0d7facfbf76ecaedf190575da24250b
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c22ae156856566d3f48ce3205740bd726afb4b9532e92cb6b6a950c3401bfb31
c2c2a6d3a2fc0da56714a8ddd0c530f8da500f5520da2d5bbafec8dfe4d76e44
c393bbf55a3f5fdc1b55641aef28ae5fb710e79591827b2aa260fd8d83fbdec6
c436ac010f6f001cbf81b6f7e9f6d92c55250b747dd01976662cbd5bd8ed5ace
c54aa34515c9af69ef05e5f951ba2cf9d7419be43343fc907a22f02a4faaf886
c6b41a63cf7a39bf68deb8598c6d566238f427e651a4141d85aea79d04936c90
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c920d05e043a2eeeba0e6851e09641ec510b317a9a985e42086af042c225a9df
cb25c18c4eee3e1128ef92983e82bd59087ab7018b45481b1db7a84362e8492e
cb26c2d0ea583d840c3e11813bb19c2c6aa53566a7151039fd1970a789d51dd8
ce547e85d9ea981e3853a34f1584d1a855586695f4beb79abd63d771820e1708
cf158126fa85404eafbbedb5b96f35d4333d2b8d289bd28e6f221062fc204bbc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d22ce3f9258e1acac0f6e226c14ef945d60d66978e9c8fe5a0585224688cca6c
d4d964d6d34df7fde3554039d33b468b74afee14d6526a87b926688f0fc8d93c
d50bc279b5d4ad86ac3d4c3e0edb457e2af29150f810f3bc1409eea13f628b1e
d7a3ae0e26ae218f29b1f89bf587b2b3d373b2439fc96f8e536de9a6769f9d28
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
df9ee7e636a2b24cfecf3c9412ba36fb5260bd50d8ca75c0a7256cf0495f70c0
e0ed409398973fa288ded5fef87549f872d6b5e2eb72886b0e5e0cef9a799065
e16db5b775cde462f92303a2968fe233972b12b0a7d1e5d2cf40852dd817fb11
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e2626127faa664ba18fba1dbf1701e7a3d2b8853ba8200dc877cb1b0fb0f08fc
e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c
e2e654e5dfb231cf765551a11f9a94cc83c7cc1d7f84fb9d8c119736ab66dc16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40b45ccb6e8b7ceb7b130855d24da5921ac87de0116ced515eb367be84f3818
e6748d6778f5b4ee46332333f35f2e71dad6b2aa978fa047288ec2b1152ad5c5
e6f2bba5ce0b9b38106234148f240e21674ee0b3c67eb520fa021a3bc7521cf2
e7e86c2b9c0b982d273405f81374d4947398bfc3c0d131447505bff59c863d09
e85af39defda4c9dad2c748e5be91e6d992d6bb3a714ed314e4280c06f2cb68c
e87e542e34fc3af7847f53ae5c258f82ff2d8739646ed8d249c9a54ede9f7128
e88589a7b64717579ecb1461176505cccfe9b0984c42f4972e426dc9adc3ddcf
e8ee191c185387e7f19f53cc190439cb23988dc2033b6249cf3b479c4c0f6e8e
e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e
e94d1db49523f9ed4d14a9136251906182cdca2c20c2759e4436b6d0b4cc0bea
ecda9bc7461947ae9c9a0a52eb4d2839d543283c48993a52631dba9eb4141fb6
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eecf3ab620492e6e2e3a683988cb1ca9eb13f3a12c59327109e3779a4445ed4b
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f347d036065367f67bf6af6139da34f50485b66b82476694dfa4e2eb14bafcd6
f3bc22749198f18908ca884dad5d4a927413eb052e43779541b9675ef0ebb772
f3c683be7818a847cff48e77c42e992811d47c7796c0844d3af45bec774073c4
f4004064d3e44de7a73afe914870f5ea72e5d2bfcf228c6316e97b6359e24207
f78ecef027c251b809b1cabbb7e202dbafba193eb58ca9bed83289b427cce8ea
fa7a463f5dd7d196f0806f92a0ea1181ba882603c34ce79d4a485f13397aa908
ff1ab6d73a7b152e1375c3856f8b358cb56c5ebdff8f2c8283008ee7ec4374bc
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.vicnews.com Open in urlscan Pro 18.66.139.106 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

313 Requests

92 %HTTPS

48 %IPv6

45 Domains

66 Subdomains

57 IPs

7 Countries

7312 kBTransfer

16345 kBSize

32 Cookies

55 Outgoing links

Page URL History

Redirected requests

313 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 27 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.vicnews.com Open in urlscan Pro
18.66.139.106 Public Scan

Screenshot
Live screenshot

Full Image

313
Requests

92 %
HTTPS

48 %
IPv6

45
Domains

66
Subdomains

57
IPs

7
Countries

7312 kB
Transfer

16345 kB
Size

32
Cookies

313 HTTP transactions
27 data transactions